Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the way Thunderbird processed certain malformed
JavaScript code. A web page containing malicious JavaScript code could
cause Thunderbird to crash or potentially execute arbitrary code
as the user running Thunderbird. (CVE-2007-2867, CVE-2007-2868)
Several denial of service flaws were found in the way Thunderbird handled
certain form and cookie data. A malicious web site that is able to set
arbitrary form and cookie data could prevent Thunderbird from
functioning properly. (CVE-2007-1362, CVE-2007-2869)
A flaw was found in the way Thunderbird processed certain APOP
authentication requests. By sending certain responses when Thunderbird
attempted to authenticate against an APOP server, a remote attacker could
potentially acquire certain portions of a user’s authentication
credentials. (CVE-2007-1558)
A flaw was found in the way Thunderbird displayed certain web content. A
malicious web page could generate content which could overlay user
interface elements such as the hostname and security indicators, tricking
users into thinking they are visiting a different site. (CVE-2007-2871)
Users of Thunderbird are advised to apply this update, which contains
Thunderbird version 1.5.0.12 that corrects these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ppc | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.ppc.rpm |
RedHat | 5 | x86_64 | thunderbird | < 1.5.0.12-1.el5 | thunderbird-1.5.0.12-1.el5.x86_64.rpm |
RedHat | 5 | i386 | thunderbird | < 1.5.0.12-1.el5 | thunderbird-1.5.0.12-1.el5.i386.rpm |
RedHat | 4 | x86_64 | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.x86_64.rpm |
RedHat | 4 | s390 | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.s390.rpm |
RedHat | 4 | s390x | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.s390x.rpm |
RedHat | 4 | ia64 | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.ia64.rpm |
RedHat | 4 | i386 | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.i386.rpm |
RedHat | 5 | src | thunderbird | < 1.5.0.12-1.el5 | thunderbird-1.5.0.12-1.el5.src.rpm |
RedHat | 4 | src | thunderbird | < 1.5.0.12-0.1.el4 | thunderbird-1.5.0.12-0.1.el4.src.rpm |