Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.9.
5c2c7d93049660ffeb7fc427cc6435f6ba3ab42a814acce6c691c62da72b64b2Debian Security Advisory 1391-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.
0fd2dac5b0f1f89683b32b5407978d38835cbcbb2a326d49cd11d7daf010f237Ubuntu Security Notice 503-1 - Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious email, an attacker could execute arbitrary code with the user's privileges. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious email, an attacker could execute helpers with arbitrary arguments with the user's privileges.
fdc222ca45585dcaaf986348036154ccceb0b08ece8dd53b72a35eb3a03d01e2Gentoo Linux Security Advisory GLSA 200708-09 - Mozilla developers fixed several bugs, including an issue with modifying XPCNativeWrappers, a problem with event handlers executing elements outside of the document, and a cross-site scripting (XSS) vulnerability. They also fixed a problem with promiscuous IFRAME access and an XULRunner URL spoofing issue with the wyciwyg:// URI and HTTP 302 redirects. Denials of Service involving corrupted memory were fixed in the browser engine and the JavaScript engine. Finally, another XSS vulnerability caused by a regression in the CVE-2007-3089 patch was fixed. Versions less than 2.0.0.6 are affected.
764eb18f274a13a2519a59558d5e3a6de627854283160fa729985a477c6ca6a8Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6.
09a93ae755c8850298dff969f0aaed4e9395ebe574184598d2c77a04e5ddd3f8Debian Security Advisory 1339-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.
a8d6d010a984e1a64532f335ce92aa1f236237e0013c73b0916ee5eb051d2d94Debian Security Advisory 1338-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
3600b9279b98dec810d15d280abf91ec402cc43ebdb0bf2a653959295acd25efDebian Security Advisory 1337-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. These vulnerabilities range from cross site scripting to arbitrary code execution flaws.
caf99c2e0f0035b962c0967f4694b48897b5d59cdcb1f4b99a052dd8022a5767Ubuntu Security Notice 490-1 - A slew of vulnerabilities have been fixed in the Firefox browser. Too many to list, but we suggest upgrading now.
4c2895058ecfb4ae1b11af7afd580f2416642597addd5705e9f4d95880f30ea6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed