Ravens PHP Scripts

Mozilla Thunderbird Multiple Vulnerabilities
Date: Wednesday, September 24, 2008 @ 20:34:04 PDT
Topic: Security


SECUNIA ADVISORY ID: SA32007

VERIFY ADVISORY: http://secunia.com/advisories/32007/

CRITICAL: Highly critical

IMPACT: Security Bypass, Exposure of system information, Exposure of sensitive information, DoS, System access

SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/advisories/product/14070/

DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, to disclose sensitive information, or to potentially compromise a user's system. For more information: SA31984. The vulnerabilities are reported in versions prior to 2.0.0.17. The vendor recommends disabling JavaScript until an update is available.



SOLUTION: Update to version 2.0.0.17 when it becomes available.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2008/mfsa2008-38.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html

OTHER REFERENCES: SA31984: http://secunia.com/advisories/31984/






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3457