oval:org.mitre.oval:def:2024
Definition Id: oval:org.mitre.oval:def:2024 | |||
Oval ID: | oval:org.mitre.oval:def:2024 | ||
Title: | Mozilla JavaScript Execution in Mail When Forwarding In-line | ||
Description: | The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-0884 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla |
Definition Synopsis: | |||
|