Subject: | |
From: | |
Reply To: | |
Date: | Thu, 20 Nov 2008 13:29:49 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: thunderbird security update
Issue date: 2008-11-19
CVE Names: CVE-2008-5014 CVE-2008-5016 CVE-2008-5017
CVE-2008-5018 CVE-2008-5021 CVE-2008-5012
CVE-2008-5022 CVE-2008-5024
Several flaws were found in the processing of malformed HTML mail content.
An HTML mail message containing malicious content could cause Thunderbird
to crash or, potentially, execute arbitrary code as the user running
Thunderbird. (CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018,
CVE-2008-5021)
Several flaws were found in the way malformed HTML mail content was
processed. An HTML mail message containing specially-crafted content could
potentially trick a Thunderbird user into surrendering sensitive
information. (CVE-2008-5012, CVE-2008-5022, CVE-2008-5024)
SL 4.x
SRPMS:
thunderbird-1.5.0.12-17.el4.src.rpm
i386:
thunderbird-1.5.0.12-17.el4.i386.rpm
x86_64:
thunderbird-1.5.0.12-17.el4.x86_64.rpm
SL 5.x
SRPMS:
thunderbird-2.0.0.18-1.el5.src.rpm
i386:
thunderbird-2.0.0.18-1.el5.i386.rpm
x86_64:
thunderbird-2.0.0.18-1.el5.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|