CVE-2006-1045

N/A Unknown

Published: March 07, 2006 Modified: April 16, 2026

Description

The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/19821

Source: cve@mitre.org

http://secunia.com/advisories/19823

Source: cve@mitre.org

http://secunia.com/advisories/19863

Source: cve@mitre.org

http://secunia.com/advisories/19902

Source: cve@mitre.org

http://secunia.com/advisories/19941

Source: cve@mitre.org

http://secunia.com/advisories/19950

Source: cve@mitre.org

http://secunia.com/advisories/20051

Source: cve@mitre.org

http://secunia.com/advisories/22065

Source: cve@mitre.org

http://securityreason.com/securityalert/514

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1046

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1051

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:078

Source: cve@mitre.org

http://www.mozilla.org/security/announce/2006/mfsa2006-26.html

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_04_25.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2006-0330.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/426347

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/446657/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16881

Source: cve@mitre.org

http://www.securityfocus.com/bid/17516

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/1356

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/3749

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24959

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975

Source: cve@mitre.org

https://usn.ubuntu.com/276-1/

Source: cve@mitre.org

http://secunia.com/advisories/19821