CVE-2006-4570

Publication date 15 September 2006

Last updated 24 July 2024

Ubuntu priority

Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mozilla-thunderbird	7.04 feisty	Fixed 1.5.0.13-0ubuntu0.7.04
	6.10 edgy	Fixed 1.5.0.13-0ubuntu0.6.10
	6.06 LTS dapper	Fixed 1.5.0.13-0ubuntu0.6.06

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-361-1
Mozilla vulnerabilities
10 October 2006

USN-350-1
Thunderbird vulnerabilities
22 September 2006

USN-352-1
Thunderbird vulnerabilities
25 September 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-4570