Debian Linux Security Advisory 2572-1 - Several vulnerabilities have been discovered in Iceape, an internet suite based on Seamonkey.
a7b45ed70a5d026cb655053709b31602
Debian Linux Security Advisory 2569-1 - Multiple vulnerabilities have been discovered in Icedove, Debian's version of the Mozilla Thunderbird mail client.
a87476f76b619fabb443b17cda219fda
Debian Linux Security Advisory 2565-1 - Multiple vulnerabilities have been discovered in Iceweasel, Debian's version of the Mozilla Firefox web browser.
7349ebaa10bd737230ba26d6beaacfa6
Ubuntu Security Notice 1611-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. CVE-2012-4191) David Bloom and Jordi Chancel discovered that Thunderbird did not always properly handle the <select> element. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
551fa3229fb9b29d3907a3c6f2a0b2c6
Mandriva Linux Security Advisory 2012-163 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and it is presumed that with enough effort at least some of these could be exploited to run arbitrary code. Various other issues have been addressed. The mozilla firefox packages has been upgraded to the latest version which is unaffected by these security flaws.
8a856a398612df134cc1928ef42424b9
Red Hat Security Advisory 2012-1350-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two flaws in Firefox could allow a malicious website to bypass intended restrictions, possibly leading to information disclosure, or Firefox executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution.
2fcc63b472e224018418a55700dc3d51
Red Hat Security Advisory 2012-1351-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Two flaws in Thunderbird could allow malicious content to bypass intended restrictions, possibly leading to information disclosure, or Thunderbird executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution.
2f2954dae0940141824985ce9b324358
Ubuntu Security Notice 1600-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Firefox. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. David Bloom and Jordi Chancel discovered that Firefox did not always properly handle the select element. A remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
bcbb62a6681e2a12ab4d0efa1b2ab525