Bug 183554 - CVE-2006-0749 Thunderbird Tag Order Vulnerability
Summary: CVE-2006-0749 Thunderbird Tag Order Vulnerability
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: thunderbird
Version: 4
Hardware: All
OS: Linux
Priority: medium
Severity: urgent
Target Milestone: ---
Assignee: Christopher Aillon
QA Contact:
URL:
Whiteboard: source=mozilla,reported=20051213,emba...
Depends On:
Blocks:
Reported: 2006-03-01 21:48 UTC by Josh Bressers
Modified: 2007-11-30 22:11 UTC

Fixed In Version: 1.0.8-1.1.fc4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-07-25 23:55:20 UTC
Type: ---
Embargoed:



Description Josh Bressers 2006-03-01 21:48:38 UTC
+++ This bug was initially created as a clone of Bug #183537 +++

There exists a remotely exploitable code execution vulnerability in Thunderbird
related to the order tags appear in an HTML document.  It is possible
for a malicious web page to execute arbitrary code as the user running Thunderbird.


-- Additional comment from bressers on 2006-03-01 16:01 EST --
Created an attachment (id=125496)
Proposed upstream patch

This patch should apply to aviary 1.0.7 and mozilla 1.7.12

Comment 1 Josh Bressers 2006-04-24 12:31:12 UTC
Lifting embargo

Comment 2 Matthew Miller 2006-07-25 23:55:20 UTC
This was fixed in the update to thunderbird 1.0.8, but the bug was never
updated. Marking closed now.

