Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23562
HistoryApr 06, 2010 - 12:00 a.m.

Mozilla Foundation Security Advisory 2010-23

2010-04-0600:00:00
vulners.com
15

Mozilla Foundation Security Advisory 2010-23

Title: Image src redirect to mailto: URL opens email editor
Impact: Low
Announced: March 30, 2010
Reporter: Henry Sudhof
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.6.2
Firefox 3.5.9
SeaMonkey 2.0.4
Description

phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images.

This issue has not been fixed in Firefox 3.0
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=452093
* CVE-2010-0181
Related for SECURITYVULNS:DOC:23562