413 matches found
CVE-2006-1045
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP...
CVE-2006-1045
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP...
CVE-2006-1045
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP...
CVE-2006-1045
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP...
CVE-2006-1045
The CVE affects Mozilla Thunderbird 1.5. When Block loading of remote images in mail messages is enabled, Thunderbird’s HTML rendering engine does not fully block external images in inline HTML attachments. This could allow a remote attacker to obtain sensitive information (e.g., application vers...
moz-15.txt
Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities //----- Advisory Program : Mozilla Thunderbird Homepage : http://www.mozilla.com/thunderbird/ Tested version : 1.5 Found by : crashfr at sysdream dot com This advisory : crashfr at sysdream dot com Discovery date : 2006/02/18...
[SECURITY] [DSA 973-1] New OTRS packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 973-1 [email protected] http://www.debian.org/security/ Martin Schulze February 15th, 2006 http://www.debian.org/security/faq -...
CVE-2005-3312
The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cross-site scripting XSS attacks via HTML in corrupted images and other files such as .GIF, JPG, and WAV, which is rendered as HTML when the user clicks on the link, even though the web server response...
Opera: buffer overflows in 7.11 and 7.20
Background Opera is a multi-platform web browser. Description The Opera browser can cause a buffer allocated on the heap to overflow under certain HREFs when rendering HTML. The mail system is also deemed vulnerable and an attacker can send an email containing a malformed HREF, or plant the...
Opera HREF escaped server name overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Opera HREF escaped server name overflow Release Date: 10/20/2003 Application: Opera 7.11, 7.20 Platform: Windows XP/2000 and GNU/Linux 2.4 tested, others may be vulnerable Severity: Remote...
Alan Ward A-Cart 2.0 - MSG Cross-Site Scripting
source: https://www.securityfocus.com/bid/8722/info A-Cart has been reported prone to a cross-site scripting vulnerability. The issue presents itself likely due to a lack of sufficient sanitization performed on data contained in the 'msg' URI parameter that is passed to signin.asp. An attacker...
CVE-2003-0241
The CVE-2003-0241 issue affects FrontRange GoldMine mail agent, specifically versions 5.70 and 6.00 prior to build 30503. The vulnerability arises when HTML is sent to the default browser without labeling the content as untrusted or setting a secure zone, causing IE to render HTML in a less secur...
Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion
source: https://www.securityfocus.com/bid/7119/info Ximian Evolution does not properly validate MIME image/ Content-Type fields. If an email message contains an image/ Content-Type, any type of data can be embedded where the image information is expected. This can be used to embed HTML tags that...