[PCWorks] Mozilla Thunderbird Multiple Vulnerabilities

  • From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
  • To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
  • Date: Fri, 14 Nov 2008 06:34:45 -0600

TITLE:
Mozilla Thunderbird Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA32715

VERIFY ADVISORY:
http://secunia.com/advisories/32715/

CRITICAL:
Highly critical

IMPACT:
System access, Exposure of sensitive information, Exposure of 
system information, Security Bypass

WHERE:
From remote

SOFTWARE:
Mozilla Thunderbird 2.x
http://secunia.com/advisories/product/14070/

DESCRIPTION:
Some vulnerabilities have been reported in Mozilla Thunderbird, 
which can be exploited by malicious people to disclose 
sensitive information, bypass certain security restrictions, or 
compromise a user's system.

For more information:
SA32693

The vulnerabilities are reported in versions prior to 2.0.0.18.

SOLUTION:
The vulnerabilities will be fixed in the upcoming 2.0.0.18 
version.

The vendor recommends disabling JavaScript support.

ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2008/mfsa2008-48.html
http://www.mozilla.org/security/announce/2008/mfsa2008-50.html
http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
http://www.mozilla.org/security/announce/2008/mfsa2008-58.html

OTHER REFERENCES:
SA32693:
http://secunia.com/advisories/32693/


=========================
The list's FAQ's can be seen by sending an email to 
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.

To unsubscribe, subscribe, set Digest or Vacation to on or off, go to 
//www.freelists.org/list/pcworks .  You can also send an email to 
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line.  Your 
member list settings can be found at 
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks .  Once logged in, you have 
access to numerous other email options.  

The list archives are located at //www.freelists.org/archives/pcworks/ .  
All email posted to the list will be placed there in the event anyone needs to 
look for previous posts.
-zxdjhu-

Other related posts:

  1. Home
  2. pcworks
  3. Archive
  4. 11-2008