Gentoo Linux Security Advisory GLSA 200805-18 - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code. Versions less than 2.0.0.14 are affected.
0be1f28cc28c33f9527f262fab77a030b56ac3b42790cbcd8cb8957fadd87d38Debian Security Advisory 1506-2 - A regression has been fixed in iceape's frame handling code. Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.
bc917c9a074c717bec02c4b74ae7fc0455b931a2e434ad745ae25f609e5fd350Debian Security Advisory 1485-2 - A regression has been fixed in icedove's frame handling code. Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.
a6d426ec079f7f75028eaf841b1e52475921b8783d245d90205ba780078153d0Ubuntu Security Notice 582-2 - USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem.
fab13e0223aabbf6ace0e2087124c53fee125106a1dea684d9fcfafa86b17a7eMandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.12.
9ff0744156668166c4e03c21ca64c0864dd42bc9e497d903ea8be0be2de146f0Ubuntu Security Notice 582-1 - It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information.
31cdcf9f6b4dbcf4037d4938a5ae251012454561f1854e5d8d3001e650377ca6Debian Security Advisory 1506-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.
4d6770cb76971796c0c006804774e270cb0405f86c9beab21b4cd6b10e03f9e2Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12.
482bde078069b0f18326aa099ea41d73c4a617640b3a89f8d56895efe646567cDebian Security Advisory 1485-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. These allow for arbitrary code execution, privilege escalation, and more.
3e365dbba800b6a4e94ab3b87d1dd00796811c3c9dbbac66c1a4e7f09cdfe00bDebian Security Advisory 1484-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. These allow for arbitrary code execution, privilege escalation, and more.
76893811c4f62f4d878db38c6c63452a69841359f89e44634b5fbcb09b8b7296Debian Security Advisory 1489-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. These include arbitrary code execution, privilege escalation, and directory traversal flaws.
43e48acc32823c671aa5d0ce96fb6032885f942a876e0b4cc572d9328be2fee6Ubuntu Security Notice 576-1 - Code execution, cross site scripting, arbitrary upload, and a large amount of other vulnerabilities have been patched in Firefox.
6e23fc127e8464927d11756844b98df4706dfdbbb98e8fae12e67bec66a1da4d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed