CVE-2006-4570

Publication date 15 September 2006

Last updated 24 July 2024

Ubuntu priority

Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
mozilla-thunderbird	7.04 feisty	Fixed 1.5.0.13-0ubuntu0.7.04
	6.10 edgy	Fixed 1.5.0.13-0ubuntu0.6.10
	6.06 LTS dapper	Fixed 1.5.0.13-0ubuntu0.6.06

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-361-1
Mozilla vulnerabilities
10 October 2006

USN-350-1
Thunderbird vulnerabilities
22 September 2006

USN-352-1
Thunderbird vulnerabilities
25 September 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-4570