CVE-2005-0149
First published: Sat Jan 29 2005(Updated: )
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Thunderbird | =0.6 | |
| Mozilla Thunderbird | =0.7.2 | |
| Mozilla Mozilla | =1.7-alpha | |
| Mozilla Mozilla | =1.7-rc1 | |
| Mozilla Mozilla | =1.7 | |
| Mozilla Mozilla | =1.7-beta | |
| Mozilla Thunderbird | =0.9 | |
| Mozilla Mozilla | =1.7.1 | |
| Mozilla Thunderbird | =0.7.3 | |
| Mozilla Thunderbird | =0.7 | |
| Mozilla Mozilla | =1.7.2 | |
| Mozilla Mozilla | =1.7-rc3 | |
| Mozilla Thunderbird | =0.7.1 | |
| Mozilla Mozilla | =1.7-rc2 | |
| Mozilla Mozilla | =1.7.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mozilla.org/security/announce/mfsa2005-11.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=268107
- http://www.redhat.com/support/errata/RHSA-2005-094.html
- http://www.redhat.com/support/errata/RHSA-2005-323.html
- http://www.redhat.com/support/errata/RHSA-2005-335.html
- http://secunia.com/advisories/19823
- http://www.securityfocus.com/bid/12407
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19172
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11407
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100047
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/remedy
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- agent/source
- vendor/mozilla
- canonical/mozilla thunderbird
- version/mozilla thunderbird/0.6
- version/mozilla thunderbird/0.7.2
- canonical/mozilla mozilla
- version/mozilla mozilla/1.7-alpha
- version/mozilla mozilla/1.7-rc1
- version/mozilla mozilla/1.7
- version/mozilla mozilla/1.7-beta
- version/mozilla thunderbird/0.9
- version/mozilla mozilla/1.7.1
- version/mozilla thunderbird/0.7.3
- version/mozilla thunderbird/0.7
- version/mozilla mozilla/1.7.2
- version/mozilla mozilla/1.7-rc3
- version/mozilla thunderbird/0.7.1
- version/mozilla mozilla/1.7-rc2
- version/mozilla mozilla/1.7.3