New Search

Mozilla Mail News Cookie Security Bypass Vulnerability

oval:org.mitre.oval:def:100047

Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows NT
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2005-0149
Product(s):
  • mozilla