PT-2005-1250 · Mozilla+1 · Thunderbird+2

Michiel Van Leeuwen

Publicado

2005-01-29

Atualizado

2017-10-11

CVE-2005-0149

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Thunderbird versions 0.6 through 0.9 Mozilla versions 1.7 through 1.7.3

Description The issue allows remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages, as the software does not obey the network.cookie.disableCookieForMailNews preference.

Recommendations For Thunderbird versions 0.6 through 0.9, consider disabling the use of cookies in e-mail messages until a patch is available. For Mozilla versions 1.7 through 1.7.3, restrict access to cookies in e-mail messages to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0149

RHSA-2005:094

RHSA-2005:335

RHSA-2005_094

RHSA-2005_323

RHSA-2005_335

Produtos afetados

Mozilla Firefox

Red Hat

Thunderbird

PT-2005-1250 · Mozilla+1 · Thunderbird+2

CVE-2005-0149

Identificadores relacionados

Produtos afetados

Referências · 35