Email Client Vulnerability in Netscape and Mozilla Products
CVE-2003-1265

Currently unrated

Key Information:

Vendor: Mozilla
Status: Mozilla; Navigator
Vendor: CVE Published:; 31 December 2003

Summary

The Netscape 7.0 and Mozilla 5.0 email clients fail to fully delete messages from the trash folder when users initiate the 'Empty Trash' command. This oversight can result in sensitive information being accessible to local users, allowing them to retrieve emails that were intended to be permanently deleted.

References

http://archives.neohapsis.com/archives/bugtraq/2002-12/02...

mailing-listx_refsource_BUGTRAQ

http://www.securitytracker.com/id?1005871

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/6499

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Nov 16, 2005
Vulnerability published
Dec 31, 2003