4 matches found
Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...
MGASA-2021-0010 Updated squirrelmail packages fix security vulnerabilities
XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of for example a NOEMBED,...
Security Bulletin MS01-038
---------------------------------------------------------------------- Title: Outlook View Control Exposes Unsafe Functionality Date: 12 July 2001 Software: Outlook 98, 2000, and 2002 Impact: Run code of attacker's choice via either web page or HTML e-mail. Bulletin: MS01-038 Microsoft encourages...
Security Update for Microsoft Windows 2000 (KB826232)
A security issue has been identified that could allow an attacker to read files or run programs on a computer, running Microsoft® Windows® 2000, that has been used to view an attacker's Web site or has read a specially crafted HTML e-mail. You can help protect your computer by installing this...