Vulnerability Name:

CVE-2006-0884 (CCN-24865)

Assigned:2006-02-24
Published:2006-02-24
Updated:2018-10-18
Summary:The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
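The mechanism in the summary above (a javascript: URI in the SRC attribute of an IFRAME that the WYSIWYG editor executes when the message is re-rendered for editing) is exactly the kind of input a mail gateway, or a client, should neutralise before HTML reaches an editor that honours URL attributes. The following is an added example written for this entry; it is not Mozilla code and not the vendor fix. It assumes a Python 3 interpreter with the standard library only. It generalises the IFRAME SRC case to the other URL-bearing attributes a renderer resolves (src, href, data, action, background, formaction) and to the disguised spellings a browser would still treat as the javascript: scheme: leading control characters, embedded tab/LF/CR, mixed case, and HTML entity encoding. The sample mail body is constructed.

```python
"""Neutralise script-scheme URIs in an HTML mail body before it reaches an
editor that will re-render it (the CVE-2006-0884 pattern: an IFRAME whose
SRC is a javascript: URI, executed when the message is edited in place).

Added example, not Mozilla code. Standard library only (Python 3.8+).
"""
import re
from html import escape
from html.parser import HTMLParser
from typing import List, Optional, Tuple

# Attributes that a renderer or editor resolves as URLs.  Assumption: a
# practical superset of the IFRAME SRC case named in the advisory.
URL_ATTRS = {"src", "href", "data", "action", "background", "formaction"}

# Schemes whose "navigation" is code execution in the rendering context.
SCRIPT_SCHEMES = {"javascript", "vbscript"}

# Browsers strip leading/trailing C0 controls and space, then drop every
# tab, LF and CR, *before* reading the scheme; a filter must do the same
# or "java\nscript:" and "\x01javascript:" slip past a naive prefix check.
_LEADING_TRAILING = "".join(chr(c) for c in range(0x21))
_DROP_ANYWHERE = str.maketrans("", "", "\t\n\r")
_SCHEME_RE = re.compile(r"([A-Za-z][A-Za-z0-9+.\-]*):")


def uri_scheme(value: str) -> Optional[str]:
    """Return the lower-cased scheme a browser would see, or None if the
    value has no valid scheme (it would be treated as a relative URL)."""
    cleaned = value.strip(_LEADING_TRAILING).translate(_DROP_ANYWHERE)
    m = _SCHEME_RE.match(cleaned)
    return m.group(1).lower() if m else None


def is_script_uri(value: str) -> bool:
    return uri_scheme(value) in SCRIPT_SCHEMES


class MailSanitizer(HTMLParser):
    """Re-serialises the document, swapping script-scheme URL attributes
    for about:blank.  HTMLParser decodes entity references in attribute
    values for us, so "&#106;avascript:" is seen as "javascript:"."""

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out: List[str] = []
        self.findings: List[Tuple[str, str, str]] = []  # (tag, attr, value)

    def _emit_tag(self, tag, attrs, self_closing: bool) -> None:
        parts = [tag]
        for name, value in attrs:          # parser lower-cases tag/attr names
            if value is None:              # boolean attribute, no value
                parts.append(name)
                continue
            if name in URL_ATTRS and is_script_uri(value):
                self.findings.append((tag, name, value))
                value = "about:blank"
            parts.append('%s="%s"' % (name, escape(value, quote=True)))
        self.out.append("<" + " ".join(parts) + (" />" if self_closing else ">"))

    def handle_starttag(self, tag, attrs):
        self._emit_tag(tag, attrs, False)

    def handle_startendtag(self, tag, attrs):
        self._emit_tag(tag, attrs, True)

    def handle_endtag(self, tag):
        self.out.append("</%s>" % tag)

    def handle_data(self, data):
        # Text was entity-decoded by the parser; re-escape it on the way out.
        self.out.append(escape(data, quote=False))

    def handle_decl(self, decl):
        self.out.append("<!%s>" % decl)

    def handle_comment(self, data):
        pass  # comments carry nothing a mail body needs; drop them


def sanitize_mail_html(body: str) -> Tuple[str, List[Tuple[str, str, str]]]:
    """Return (cleaned_html, findings)."""
    p = MailSanitizer()
    p.feed(body)
    p.close()
    return "".join(p.out), p.findings


# Constructed sample: one plain and two disguised spellings of the IFRAME
# payload (entity-encoded first letter; mixed case with an encoded tab),
# plus benign URLs that must survive untouched.
SAMPLE_MAIL = """<html><body>
<p>Quarterly report attached.</p>
<iframe src="javascript:alert(document.cookie)"></iframe>
<iframe src=" &#106;avascript:void(0)"></iframe>
<iframe src="JaVa&#9;ScRiPt:void(0)"></iframe>
<img src="https://example.invalid/logo.png">
<a href="http://example.invalid/">link</a>
</body></html>"""


if __name__ == "__main__":
    cleaned, found = sanitize_mail_html(SAMPLE_MAIL)
    for tag, attr, value in found:
        print("removed <%s %s=%r>" % (tag, attr, value))
    print(cleaned)
```

All three IFRAME values are reported and rewritten to about:blank while the img and anchor URLs pass through. The scheme check works on the value as a browser would see it (controls stripped, tab/LF/CR removed, entities already decoded by the parser) rather than on the raw bytes, which is where prefix-matching filters fail. The example does not allow-list tags and leaves `<script>`/`<style>` content and `style` attributes alone; a production filter would cover those too. It is a defence-in-depth layer, not a substitute for the vendor fix referenced in the MFSA 2006-21 advisory listed below.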
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availability (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availability (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: SCO
Type: UNKNOWN
SCOSA-2006.26

Source: SGI
Type: UNKNOWN
20060404-01-U

Source: CCN
Type: Full-Disclosure Mailing List, Wed Feb 22 2006 - 11:51:05 CST
Mozilla Thunderbird : Remote Code Execution & Denial of Service

Source: MITRE
Type: CNA
CVE-2006-0884

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:021

Source: CCN
Type: RHSA-2006-0329
mozilla security update

Source: CCN
Type: RHSA-2006-0330
thunderbird security update

Source: SECUNIA
Type: Vendor Advisory
19721

Source: SECUNIA
Type: Vendor Advisory
19811

Source: SECUNIA
Type: Vendor Advisory
19821

Source: SECUNIA
Type: Vendor Advisory
19823

Source: SECUNIA
Type: Vendor Advisory
19863

Source: SECUNIA
Type: Vendor Advisory
19902

Source: SECUNIA
Type: Vendor Advisory
19941

Source: SECUNIA
Type: Vendor Advisory
19950

Source: SECUNIA
Type: Vendor Advisory
20051

Source: SECUNIA
Type: Vendor Advisory
21033

Source: SECUNIA
Type: Vendor Advisory
21622

Source: SECUNIA
Type: Vendor Advisory
22065

Source: CCN
Type: SECTRACK ID: 1015665
Mozilla Thunderbird Validation Error in IFRAME SRC Tag Lets Remote Users Execute Arbitrary Javascript

Source: SECTRACK
Type: Exploit
1015665

Source: CCN
Type: Sun Alert ID: 102550
Multiple Security Vulnerabilities in Mozilla 1.4 and 1.7 for Solaris and for Sun JDS for Linux

Source: SUNALERT
Type: UNKNOWN
102550

Source: SUNALERT
Type: UNKNOWN
228526

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

Source: CCN
Type: ASA-2007-135
HP-UX Running Thunderbird Remote Unauthorized Access or Elevation of Privileges or Denial of Service (HPSBUX02156)

Source: DEBIAN
Type: Patch
DSA-1046

Source: DEBIAN
Type: Patch
DSA-1051

Source: DEBIAN
Type: DSA-1046
mozilla -- several vulnerabilities

Source: DEBIAN
Type: DSA-1051
mozilla-thunderbird -- several vulnerabilities

Source: CCN
Type: GLSA-200604-18
Mozilla Suite: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200604-18

Source: CCN
Type: GLSA-200605-09
Mozilla Thunderbird: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200605-09

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:052

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:076

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:078

Source: CCN
Type: Mozilla Web site
Mozilla Products

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2006/mfsa2006-21.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:022

Source: OSVDB
Type: UNKNOWN
23653

Source: CCN
Type: OSVDB ID: 23653
Mozilla Thunderbird Mail Content iframe src Validation Failure XSS

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0329

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0330

Source: BUGTRAQ
Type: UNKNOWN
20060222 Mozilla Thunderbird : Remote Code Execution & Denial of Service

Source: FEDORA
Type: UNKNOWN
FLSA:189137-1

Source: HP
Type: UNKNOWN
HPSBUX02122

Source: HP
Type: UNKNOWN
SSRT061236

Source: BID
Type: Exploit, Patch
16770

Source: CCN
Type: BID-16770
Multiple Mozilla Products IFRAME JavaScript Execution Vulnerability

Source: CCN
Type: USN-276-1
Thunderbird vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2006-3749

Source: XF
Type: UNKNOWN
thunderbird-wysiwyg-xss(24865)

Source: XF
Type: UNKNOWN
mozilla-inline-fwd-code-execution(25983)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10782

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2024

Source: UBUNTU
Type: UNKNOWN
USN-276-1

Source: SUSE
Type: SUSE-SA:2006:021
Mozilla Firefox and Mozilla suite various security problems

Source: SUSE
Type: SUSE-SA:2006:022
MozillaThunderbird various problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:* (Version <= 1.0.7)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions (Class: V = vulnerability definition, P = patch definition)
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20060884 | V | CVE-2006-0884 | 2015-11-16
    oval:org.mitre.oval:def:10782 | V | The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail. | 2013-04-29
    oval:org.mitre.oval:def:2024 | V | Mozilla JavaScript Execution in Mail When Forwarding In-line | 2011-02-21
    oval:org.debian:def:1051 | V | several vulnerabilities | 2006-05-04
    oval:org.debian:def:1046 | V | several vulnerabilities | 2006-04-27
    oval:com.redhat.rhsa:def:20060329 | P | RHSA-2006:0329: mozilla security update (Critical) | 2006-04-25
    oval:com.redhat.rhsa:def:20060330 | P | RHSA-2006:0330: thunderbird security update (Critical) | 2006-04-25