Eight Severe Vulnerabilities in Firefox, Thunderbird, and SeaMonkey

Eight vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey. Some of the vulnerabilities might allow a remote intruder to take complete control of an affected system, or to disclose sensitive information, or bypass security restrictions.

The vulnerabilities include a buffer overflow when processing specially regular expressions in Javascript, a problem blocking the execution of JavaScript, a certificate validation error, the ability to forge digital signatures, two memory corruption errors, a problem with cross-site scripting, and a security context error when blocking pop-ups.

Mozilla considers four the vulnerabilities as criticial, one as high importance, two as moderate, and one as low. The company released Firefox 1.5.0.7, Thunderbird 1.5.0.7, and SeaMonkey 1.0.5 to correct the problems.


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish