CVE-2006-0884
CVE-2006-0884
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/27257no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txtftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.aschttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.htmlhttp://secunia.com/advisories/19721http://secunia.com/advisories/19811http://secunia.com/advisories/19821http://secunia.com/advisories/19823http://secunia.com/advisories/19863http://secunia.com/advisories/19902http://secunia.com/advisories/19941http://secunia.com/advisories/19950http://secunia.com/advisories/20051