CVE-2006-1045

Published: Mar 7, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.

Affected (1)

Products: Mozilla: Thunderbird

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mozilla Thunderbird	Version 1.5

References (54)

http://secunia.com/advisories/19821

Source: cve@mitre.org

http://secunia.com/advisories/19823

Source: cve@mitre.org

http://secunia.com/advisories/19863

Source: cve@mitre.org

http://secunia.com/advisories/19902

Source: cve@mitre.org

http://secunia.com/advisories/19941

Source: cve@mitre.org

http://secunia.com/advisories/19950

Source: cve@mitre.org

http://secunia.com/advisories/20051

Source: cve@mitre.org

http://secunia.com/advisories/22065

Source: cve@mitre.org

http://securityreason.com/securityalert/514

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1046

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1051

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:078

Source: cve@mitre.org

http://www.mozilla.org/security/announce/2006/mfsa2006-26.html

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_04_25.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0330.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/426347

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/446657/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16881

Source: cve@mitre.org

http://www.securityfocus.com/bid/17516

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/1356

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/3749

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24959

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975

Source: cve@mitre.org

https://usn.ubuntu.com/276-1/

Source: cve@mitre.org

http://secunia.com/advisories/19821

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19823

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19863

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19902

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19941

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19950

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/20051

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22065

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/514

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1046

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1051

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:078

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mozilla.org/security/announce/2006/mfsa2006-26.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2006_04_25.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2006-0330.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/426347

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/archive/1/446657/100/200/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/16881

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/17516

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/1356

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/3749

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24959

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/276-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.