Synopsis:	Moderate: thunderbird security update
Issue date:	2007-10-19
CVE Names:	CVE-2007-1095 CVE-2007-2292 CVE-2007-3511
                 CVE-2007-3844 CVE-2007-5334 CVE-2007-5337
                 CVE-2007-5338 CVE-2007-5339 CVE-2007-5340

Several flaws were found in the way in which Thunderbird processed 
certain malformed HTML mail content. An HTML mail message containing 
malicious content could cause Thunderbird to crash or potentially 
execute arbitrary code as the user running Thunderbird. JavaScript 
support is disabled by default in Thunderbird; these issues are not 
exploitable unless the user has enabled JavaScript.  (CVE-2007-5338, 
CVE-2007-5339, CVE-2007-5340)

Several flaws were found in the way in which Thunderbird displayed
malformed HTML mail content. An HTML mail message containing
specially-crafted content could potentially trick a user into 
surrendering sensitive information.  (CVE-2007-1095, CVE-2007-3844, 
CVE-2007-3511, CVE-2007-5334)

A flaw was found in the Thunderbird sftp protocol handler. A malicious 
HTML mail message could access data from a remote sftp site, possibly 
stealing sensitive user data. (CVE-2007-5337)

A request-splitting flaw was found in the way in which Thunderbird
generates a digest authentication request. If a user opened a
specially-crafted URL, it was possible to perform cross-site scripting
attacks, web cache poisoning, or other, similar exploits. (CVE-2007-2292)

SL 3.0.x

   SRPMS:
thunderbird-1.5.0.12-0.5.SL3.src.rpm
   i386:
thunderbird-1.5.0.12-0.5.SL3.i386.rpm
   x86_64:
thunderbird-1.5.0.12-0.5.SL3.i386.rpm
thunderbird-1.5.0.12-0.5.SL3.x86_64.rpm

SL 4.x

   SRPMS:
thunderbird-1.5.0.12-0.5.el4.src.rpm
   i386:
thunderbird-1.5.0.12-0.5.el4.i386.rpm
   x86_64:
thunderbird-1.5.0.12-0.5.el4.i386.rpm
thunderbird-1.5.0.12-0.5.el4.x86_64.rpm

SL 5.x

   SRPMS:
thunderbird-1.5.0.12-5.el5.src.rpm
   i386:
thunderbird-1.5.0.12-5.el5.i386.rpm
   x86_64:
thunderbird-1.5.0.12-5.el5.i386.rpm
thunderbird-1.5.0.12-5.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson