SECUNIA ADVISORY ID: SA33205
VERIFY ADVISORY: http://secunia.com/advisories/33205/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access.
SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/advisories/product/14070/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information: SA33184. The vulnerabilities are reported in version 2.0.0.18 and prior.
SOLUTION: Fixed in an upcoming 2.0.0.19 version. The vendor recommends disabling JavaScript until a fixed version is available.
ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
OTHER REFERENCES: SA33184: http://secunia.com/advisories/33184/
|
This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3514
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3514