Ravens PHP Scripts

Thunderbird Multiple Vulnerabilities
Date: Friday, December 21, 2007 @ 00:14:53 PST
Topic: Security


SECUNIA ADVISORY ID: SA28179

VERIFY ADVISORY:http://secunia.com/advisories/28179/

CRITICAL: Highly critical

IMPACT: DoS, System access
WHERE: >From remote

SOFTWARE: Mozilla Thunderbird 1.5.x - http://secunia.com/product/4652/

DESCRIPTION: Some vulnerabilities have been reported in Thunderbird, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are reported in versions prior to 1.5.0.14.




1) An error related to URI handlers potentially allows to execute arbitrary code. For more information see vulnerability #1 in: SA26096
2) Various errors in the browser engine and the Javascript engine can potentially be exploited by malicious people to compromise a user's system. For more information: SA27313

SOLUTION: Update to Thunderbird 1.5.0.14. - http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.14.html

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: Mozilla Foundation:
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://www.mozilla.org/security/announce/2007/mfsa2007-40.html

OTHER REFERENCES:
SA26096: http://secunia.com/advisories/26096/
SA27313: http://secunia.com/advisories/27313/





This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3175