Mozilla Thunderbird Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 27 Mar 2008 4445 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Mozilla Thunderbird, which could be exploited by attackers to bypass security restrictions, execute arbitrary scripting code, cause a denial of service or take complete control of an affected system.

1. Due to an error in the handling of "XPCNativeWrappers", which could be exploited by attackers to execute arbitrary code by calling "setTimeout()".

2. Due to input validation errors when handling JavaScript, which could be exploited to execute arbitrary scripting code.

3. Due to memory corruption errors in the layout and JavaScript engines when parsing malformed data, which could be exploited by attackers to crash a vulnerable application or execute arbitrary code.

Impact

  • Cross-Site Scripting
  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Mozilla Thunderbird version 2.0.0.12 and prior.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Update to an upcoming version 2.0.0.13.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Mozilla Firefox and SeaMonkey Multiple Vulnerabilities

27 Mar 2008 4376 Views

Next

Cisco IOS Multiple Vulnerabilities

28 Mar 2008 4491 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY