Debian DSA-1159-1 Critical: Mozilla Thunderbird Remote Code Execution
debian
August 28, 2006
everal security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird
Summary
Mozilla team members discovered several crashes during testing of
the browser engine showing evidence of memory corruption which may
also lead to the execution of arbitrary code. The last bit of
this problem will be corrected with the next update. You can
prevent any trouble by disabling Javascript. [MFSA-2006-32]
CVE-2006-3805
The Javascript engine might allow remote attackers to execute
arbitrary code. [MFSA-2006-50]
CVE-2006-3806
Multiple integer overflows in the Javascript engine might allow
remote attackers to execute arbitrary code. [MFSA-2006-50]
CVE-2006-3807
Specially crafted Javascript allows remote attackers to execute
arbitrary code. [MFSA-2006-51]
CVE-2006-3808
Remote AutoConfig (PAC) servers could execute code with elevated
privileges via a specially crafted PAC script. [MFSA-2006-52]
CVE-2006-3809
Scripts with the UniversalBrowserRead privilege could gain
UniversalXPConnect privileges and po...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!