Bugtraq mailing list archives
RE: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities
From: "Jay Stapleton" <jay.stapleton () computershare com>
Date: Thu, 2 Mar 2006 10:09:28 -0500
Or perhaps cache the images along with the message, to be deleted when the message is. That way one can open an email many times without accessing a web resource each time. It would also allow someone to forward a message, and include the content as it is currently, as opposed to how it may be in several hours. -Jay Stapleton. [quote] Hmmm. I didn't realise the "Show Images" setting got stored, and I don't think that's the best strategy from a privacy point of view. I take it you mean "stored for that one message", and not "stored for all messages from that sender", or "stored for all messages" - but still .... it would be better to not store it at all, IMHO. Users can always add senders to their Address Book if they want to evade the "block-images" feature. How about displaying more option buttons when remote images have been blocked ? e.g. : Show remote images this time only Always show remote images when this message is viewed Always show remote images from this sender Always show remote images Nick Boyce -- Never fdisk after midnight [/quote] ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **********************************************************************
Current thread:
- Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities Daniel Veditz (Mar 01)
- <Possible follow-ups>
- Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities Nick Boyce (Mar 01)
- Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities Daniel Veditz (Mar 07)
- RE: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities Jay Stapleton (Mar 02)