Ravens PHP Scripts

Mozilla Thunderbird Multiple Vulnerabilities
Date: Friday, February 08, 2008 @ 14:47:36 PST
Topic: Security


SECUNIA ADVISORY ID: SA28808

VERIFY ADVISORY: http://secunia.com/advisories/28808/

CRITICAL: Highly critical

IMPACT: Security Bypass, Exposure of sensitive information, DoS, System access

SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/product/14070/

DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system. For more information: SA28622 SA28758. The vulnerabilities are reported in versions prior to 2.0.0.12.



SOLUTION: Some of the vulnerabilities will be fixed in an upcoming version 2.0.0.12. Disabling Javascript can mitigate some of the vulnerabilities.

ORIGINAL ADVISORY: Mozilla Foundation:
http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
http://www.mozilla.org/security/announce/2008/mfsa2008-08.html

OTHER REFERENCES:
SA28622: http://secunia.com/advisories/28622/
SA28758: http://secunia.com/advisories/28758/






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3227