New Search

Mozilla Mail News Cookie Security Bypass Vulnerability

oval:org.mitre.oval:def:100047

Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
  • Microsoft Windows NT
Class:
vulnerability
Reference(s):
  • CVE-2005-0149
Product(s):
  • mozilla