Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0884Improper Input Validation in Thunderbird

CWE-20Improper Input Validation12 documents8 sources
Severity
9.3CRITICALNVD
EPSS
36.0%
top 2.90%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Mozilla ThunderbirdDebian FirefoxDebian Thunderbird
Timeline
PublishedFeb 24
Latest updateMay 3

Description

The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages4 packages

Debianmozilla/thunderbird< 1.5.0.2-1+3
NVDmozilla/thunderbird1.0.7+17
debiandebian/thunderbird< firefox 1.5.dfsg+1.5.0.2-1 (sid)
debiandebian/firefox< firefox 1.5.dfsg+1.5.0.2-1 (sid)

Patches

Patch: www.debian.orgPatch: www.debian.orgPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-f48c-g7r5-vhv8: The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 12022-05-03
OSV
CVE-2006-0884: The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 12006-02-24

💥Exploits & PoCs

1
Exploit-DB
Mozilla (Multiple Products) - iFrame JavaScript Execution2006-02-22

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2006-05-03
Red Hat
security flaw2006-04-21
Debian
CVE-2006-0884: firefox - The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 a...2006

💬Community

5
Bugzilla
CVE-2006-0884 security flaw2018-08-16
Bugzilla
CVE-2006-0884 JavaScript execution in mail when forwarding in-line2006-04-13
Bugzilla
CVE-2006-0884 JavaScript execution in mail when forwarding in-line2006-04-13
Bugzilla
CVE-2006-0884 JavaScript execution in mail when forwarding in-line2006-04-13
Bugzilla
CVE-2006-0884 JavaScript execution in mail when forwarding in-line2006-04-13