Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Scientific Linux 6: Critical Thunderbird Update for Security Issues

Calendar Mar 04, 2011 User Avatar LinuxSecurity Advisories
1 - 2 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory critical malicious content thunderbird sl6 html issue jpeg flaw
Critical: thunderbird security update 
Date: Fri, 4 Mar 2011 15:20:18 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA Critical: thunderbird on SL6.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis:	Critical: thunderbird security update
Issue date:	2011-03-01
CVE Names:	CVE-2010-1585 CVE-2011-0053 CVE-2011-0061
 CVE-2011-0062

Several flaws were found in the processing of malformed HTML content.
Malicious HTML content could cause Thunderbird to crash or, potentially,
execute arbitrary code with the privileges of the user running
Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)

A flaw was found in the way Thunderbird handled malformed JPEG images.
An HTML mail message containing a malicious JPEG image could cause
Thunderbird to crash or, potentially, execute arbitrary code with the
privileges of the user running Thunderbird. (CVE-2011-0061)

All running instances of Thunderbird must be restarted for the update to
take effect.

SL 6.x

 SRPMS:
thunderbird-3.1.8-4.el6_0.src.rpm
 i386:
thunderbird-3.1.8-4.el6_0.i686.rpm
 x86_64:
thunderbird-3.1.8-4.el6_0.x86_64.rpm

-Connie Sieh
-Troy Dawson

Related News

Your message here