19 matches found
CVE-2021-44213
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message...
CVE-2021-44213
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message...
Design/Logic Flaw
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message...
CVE-2021-44213
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message...
Arbitrary Code Execution
thunderbird is vulnerable to arbitrary code execution. A remote attacker is able to execute arbitrary code via a multipart/alternative email message containing text that causes access to an incorrect object type...
CVE-2019-11739
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...
CVE-2019-11739
CVE-2019-11739 affects Mozilla Thunderbird; encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a HTML reply/forward. Affected versions: Thunderbird < 68.1 and Thunderbird
CVE-2019-11739
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...
Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...
Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...
CVE-2019-11739
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...
Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...
openSUSE Security Update : roundcubemail (openSUSE-2016-1418)
This update for roundcubemail fixes the following issues : - A maliciously crafted email could cause untrusted code to be executed cross site scripting using $lt;area href=javascript:... boo982003, CVE-2016-5103 - Avoid HTML styles that could cause potential click jacking boo1001856 - A malicious...
SuSE9 Security Update : epiphany (YOU Patch Number 12519)
This update brings the Mozilla SeaMonkey Suite packages to the current stable release 1.1.17. Due to the major version update some incompatibilities might appear. It fixes all currently published security issues, including but not limited to : - Same-origin violations when Adobe Flash loaded via...
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1091)
Mozilla Thunderbird was updated to the 2.0.0.22 security release. It fixes various bugs and security issues : - MFSA-2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304 CVE-2009-1305 Crashes with evidence of memory corruption rv:1.9.0.9 - MFSA 2009-17/CVE-2009-1307 bmo481342 Same-origin violations...
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1091)
Mozilla Thunderbird was updated to the 2.0.0.22 security release. It fixes various bugs and security issues : - MFSA-2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304 CVE-2009-1305 Crashes with evidence of memory corruption rv:1.9.0.9 - MFSA 2009-17/CVE-2009-1307 bmo481342 Same-origin violations...
CVE-2009-2210
Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that triggers access to an incorrect object type...
Thunderbird mail crash
Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that triggers access to an incorrect object type...
Crash viewing multipart/alternative message with text/enhanced part — Mozilla
Bernd Jendrissek reported a crash in Thunderbird when viewing a multipart/alternative mail message with a text/enhanced part. Internally this led to operations on an unexpected type of object resulting in a crash which may be exploitable...