Package(s):	courier	CVE #(s):	CAN-2005-2820
Created:	September 26, 2005	Updated:	October 11, 2005
Description:	Jakob Balle discovered that with "Conditional Comments" in Internet Explorer it is possible to hide javascript code in comments that will be executed when the browser views a malicious email via sqwebmail. Successful exploitation requires that the user is using Internet Explorer.
Alerts:	Ubuntu USN-201-1 courier 2005-10-11 Debian DSA-820-1 courier 2005-09-24

---

to post comments