2 matches found
thunderbird: Leak of hashed Window credentials via crafted attachment URL
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to...
Mozilla: Directory indexes for bundled resources reflected URL parameters
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...