Mozilla Thunderbird Multiple Vulnerabilities

Posted on Wednesday, March 26, 2008 @ 22:58:43 CDT in Security
by Raven

SECUNIA ADVISORY ID: SA29548

VERIFY ADVISORY: http://secunia.com/advisories/29548/

CRITICAL: Highly critical

IMPACT: Security Bypass, Cross Site Scripting, System access

SOFTWARE: Mozilla Thunderbird 2.x: http://secunia.com/product/14070/

SOLUTION: The vulnerabilities will be fixed in the upcoming 2.0.0.13 version.

DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information: SA29526. The vulnerabilities are reported in versions prior to 2.0.0.13.

ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
http://www.mozilla.org/security/announce/2008/mfsa2008-15.html

OTHER REFERENCES: SA29526: http://secunia.com/advisories/29526/