Candidate: CVE-2008-6961
PublicDate: 2009-08-13 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6961
Description:
 mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before
 1.1.13, when JavaScript is enabled in mail, allows remote attackers to
 obtain sensitive information about the recipient, or comments in forwarded
 mail, via script that reads the (1) .documentURI or (2) .textContent DOM
 properties.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_mozilla-thunderbird:
upstream_mozilla-thunderbird: needs-triage
dapper_mozilla-thunderbird: ignored (reached end-of-life)
hardy_mozilla-thunderbird: DNE
intrepid_mozilla-thunderbird: DNE
jaunty_mozilla-thunderbird: DNE
devel_mozilla-thunderbird: DNE

Patches_thunderbird:
upstream_thunderbird: released (2.0.0.18)
dapper_thunderbird: DNE
hardy_thunderbird: released (2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1)
intrepid_thunderbird: released (2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1)
jaunty_thunderbird: released (2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1)
devel_thunderbird: not-affected (2.0.0.22+build1+nobinonly-0ubuntu3)

Patches_seamonkey:
upstream_seamonkey: released (1.1.13)
dapper_seamonkey: DNE
hardy_seamonkey: released (1.1.15+nobinonly-0ubuntu0.8.04.2)
intrepid_seamonkey: released (1.1.15+nobinonly-0ubuntu0.8.10.2)
jaunty_seamonkey: not-affected (1.1.15+nobinonly-0ubuntu2)
devel_seamonkey: not-affected (1.1.15+nobinonly-0ubuntu2)