Debian: DSA-868-1 Critical: Mozilla Thunderbird Remote Exploits Threat
debian
October 20, 2005
Updated package.
Topics Covered
Summary
Tom Ferris discovered a bug in the IDN hostname handling of
Mozilla that allows remote attackers to cause a denial of service
and possibly execute arbitrary code via a hostname with dashes.
CAN-2005-2701
A buffer overflow allows remote attackers to execute arbitrary
code via an XBM image file that ends in a large number of spaces
instead of the expected end tag.
CAN-2005-2702
Mats Palmgren discovered a buffer overflow in the Unicode string
parser that allowas a specially crafted unicode sequences to
overflow a buffer and cause arbitrary code to be executed.
CAN-2005-2703
Remote attackers could spoof HTTP headers of XML HTTP requests
via XMLHttpRequest and possibly use the client to exploit
vulnerabilities in servers or proxies.
CAN-2005-2704
Remote attackers could spoof DOM objects via an XBL control that
implements an internal XPCOM interface.
CAN-2005-2705
Georgi Guninski discovered an integer overflow in the J...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!