CVE-2006-4570

Published: 15 September 2006

Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message.

Priority

Unknown

Status

Package Release Status
mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage