Mozilla Thunderbird Multiple Vulnerabilities

Posted on Wednesday, December 17, 2008 @ 21:12:18 UTC in Security
by Raven

SECUNIA ADVISORY ID: SA33205
VERIFY ADVISORY: http://secunia.com/advisories/33205/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access.

SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/advisories/product/14070/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information: SA33184. The vulnerabilities are reported in version 2.0.0.18 and prior.

SOLUTION: Fixed in an upcoming 2.0.0.19 version. The vendor recommends disabling JavaScript until a fixed version is available.

ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html

OTHER REFERENCES: SA33184: http://secunia.com/advisories/33184/
 
 
click Related        click Share
 
 
Associated Topics

Internet
 
News ©

Site Info

Last SeenLast Seen
  • neralex
  • nextgen
Server TrafficServer Traffic
  • Total: 481,646,261
  • Today: 13,563
Server InfoServer Info
  • Mar 29, 2024
  • 10:29 am UTC