User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030529 Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030529 HTML junk mail sometimes has IMG or IFRAME tags which clearly contain enough information to identify me. If Alice wanted to break into Bob's computer, Alice would send him an email which fetched an image from my web page. Then Alice would look through her server logs to find out what computer/operating system Bob uses, and Alice's next move would be to whack Bob with the appropriate buffer overrun attacks, without having to use a port scan that would be caught by Bob's network. Mozilla could help its adoption by paranoid corporate/government types by adding a "Disable HTTP in mail/news" option. Images bundled with the email would be considered safe for viewing, and involuntary form submissions would be blocked. Reproducible: Always Steps to Reproduce: 1. 2. 3.
What about : Edit\preferences\Privacy&Security\Do not load remote images in Mailnews Edit\Preferences\Advanced\Script&Plugins\Enable Plugin for Mailnews and View\Message Body as\Simple HTML View\Message Body as\Text *** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.