TITLE: Mozilla Thunderbird Multiple Vulnerabilities Criticality level: Highly critical Impact: Security Bypass, Spoofing, Privilege escalation, System access Where: From remote http://secunia.com/advisories/41890/ DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. For more information: http://secunia.com/SA41244/ SOLUTION: Update to version 3.0.9 or 3.1.5. ORIGINAL ADVISORY: Mozilla: http://www.mozilla.org/security/announce/2010/mfsa2010-64.html http://www.mozilla.org/security/announce/2010/mfsa2010-65.html http://www.mozilla.org/security/announce/2010/mfsa2010-66.html http://www.mozilla.org/security/announce/2010/mfsa2010-67.html http://www.mozilla.org/security/announce/2010/mfsa2010-69.html http://www.mozilla.org/security/announce/2010/mfsa2010-70.html http://www.mozilla.org/security/announce/2010/mfsa2010-71.html http://www.mozilla.org/security/announce/2010/mfsa2010-72.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-219/ Westpoint Limited: http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-