Closed
Bug 264828
Opened 20 years ago
Closed 20 years ago
Remote IFRAMES in html-coded email are loaded
Categories
(Thunderbird :: General, defect)
Tracking
(Not tracked)
People
(Reporter: bugreport, Assigned: mscott)
Details
Running GFI Software's email vulnerability tests, both Thunderbird 0.8 and Mozilla 1.7.3 will load and attempt to open an IFRAME in an html-coded email. In both cases, image loading was disabled. ------=_NextPart_000_001D_01C1FC09.DE06D720 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: 7bit <IFRAME src="http://www.gfisoftware.com/emailsecuritytest/exploit/sf.plx" width=0 height=0> </IFRAME>
Comment 1•20 years ago
|
||
No need for confidentiality, the bad guys know this one already. This was supposed to be fixed, but it appears the fix only worked in thunderbird. *** This bug has been marked as a duplicate of 28327 ***
Group: security
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•