Debian 4.0 DSA-1485-1 Important: Icedove Remote Vulnerabilities Found
debian
February 10, 2008
Several remote vulnerabilities have been discovered in the Icedove mail
client, an unbranded version of the Thunderbird client
Topics Covered
Summary
Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul
Nickerson discovered crashes in the layout engine, which might allow
the execution of arbitrary code.
CVE-2008-0413
Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",
Philip Taylor and "tgirmann" discovered crashes in the Javascript
engine, which might allow the execution of arbitrary code.
CVE-2008-0415
"moz_bug_r_a4" and Boris Zbarsky discovered discovered several
vulnerabilities in Javascript handling, which could allow
privilege escalation.
CVE-2008-0418
Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory
traversal vulnerability in chrome: URI handling could lead to
information disclosure.
CVE-2008-0419
David Bloom discovered a race condition in the image handling of
designMode elements, which can lead to information disclosure or
potentially the execution of arbitrary code.
CVE-2008-0591
Michal Zalewski di...
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!