Mozilla Thunderbird Multiple Vulnerabilities Date: Friday, February 08, 2008 @ 14:47:36 CST Topic: Security SECUNIA ADVISORY ID: SA28808 VERIFY ADVISORY: http://secunia.com/advisories/28808/ CRITICAL: Highly critical IMPACT: Security Bypass, Exposure of sensitive information, DoS, System access SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/product/14070/ DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system. For more information: SA28622 SA28758. The vulnerabilities are reported in versions prior to 2.0.0.12. SOLUTION: Some of the vulnerabilities will be fixed in an upcoming version 2.0.0.12. Disabling Javascript can mitigate some of the vulnerabilities. ORIGINAL ADVISORY: Mozilla Foundation: http://www.mozilla.org/security/announce/2008/mfsa2008-01.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-08.html OTHER REFERENCES: SA28622: http://secunia.com/advisories/28622/ SA28758: http://secunia.com/advisories/28758/ This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3227