Mozilla Client Products Multiple Remote Vulnerabilities
BID:20957
Info
Mozilla Client Products Multiple Remote Vulnerabilities
| Bugtraq ID: | 20957 |
| Class: | Unknown |
| CVE: |
CVE-2006-5463 CVE-2006-5464 CVE-2006-5747 CVE-2006-5748 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 07 2006 12:00AM |
| Updated: | Sep 04 2008 07:04PM |
| Credit: | shutdown, Jesse Ruderman, Martijn Wargers, and Igor Bukanov are credited with reporting these vulnerabilities. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 SuSE Linux Enterprise Server 10 Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8_sparc Sun Solaris 10_x86 Sun Solaris 10.0_x86 Sun Solaris 10.0 Sun Solaris 10 Slackware Linux 10.2 Slackware Linux 11.0 SGI ProPack 3.0 SP6 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 10.1 rPath rPath Linux 1 Redhat Fedora Core6 Redhat Fedora Core5 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux WS 2.1 IA64 Redhat Enterprise Linux WS 2.1 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux ES 2.1 IA64 Redhat Enterprise Linux ES 2.1 Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Enterprise Linux AS 2.1 IA64 Redhat Enterprise Linux AS 2.1 Redhat Desktop 4.0 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 IA64 Redhat Advanced Workstation for the Itanium Processor 2.1 Netscape Browser 8.1.2 Netscape Browser 8.0.4 Netscape Browser 8.0.3 .3 Netscape Browser 8.0.1 Netscape Browser 8.1 Netscape Browser 8.0 Mozilla Thunderbird 1.5 beta 2 Mozilla Thunderbird 1.5 Mozilla Thunderbird 1.0.8 Mozilla Thunderbird 1.0.7 Mozilla Thunderbird 1.0.6 Mozilla Thunderbird 1.0.5 Mozilla Thunderbird 1.0.2 Mozilla Thunderbird 1.0.1 Mozilla Thunderbird 1.0 Mozilla Thunderbird 1.5.0.7 Mozilla Thunderbird 1.5.0.5 Mozilla Thunderbird 1.5.0.4 Mozilla Thunderbird 1.5.0.2 Mozilla Thunderbird 1.5.0.1 Mozilla SeaMonkey 1.0.5 Mozilla SeaMonkey 1.0.3 Mozilla SeaMonkey 1.0.2 Mozilla SeaMonkey 1.0.1 Mozilla SeaMonkey 1.0 dev Mozilla SeaMonkey 1.0 Mozilla Firefox 1.5 beta 2 Mozilla Firefox 1.5 beta 1 Mozilla Firefox 1.5 .6 Mozilla Firefox 1.5 Mozilla Firefox 1.5.0.7 Mozilla Firefox 1.5.0.6 Mozilla Firefox 1.5.0.5 Mozilla Firefox 1.5.0.4 Mozilla Firefox 1.5.0.3 Mozilla Firefox 1.5.0.2 Mozilla Firefox 1.5.0.2 Mozilla Firefox 1.5.0.1 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 HP HP-UX B.11.23 HP HP-UX B.11.11 HP HP-UX B.11.11 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Avaya Messaging Storage Server MM3.0 Avaya Interactive Response 1.3 Avaya Interactive Response 1.2.1 Avaya Interactive Response 3.0 Avaya Interactive Response 2.0 Avaya Interactive Response |
| Not Vulnerable: |
Netscape Browser 8.1.3 Mozilla Thunderbird 1.5.0.8 Mozilla SeaMonkey 1.0.6 Mozilla Firefox 1.5.0.8 |
Discussion
Mozilla Client Products Multiple Remote Vulnerabilities
The Mozilla Foundation has released two security advisories specifying vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird.
These vulnerabilities allow attackers to:
- Crash the applications and potentially execute arbitrary machine code in the context of the vulnerable applications.
- Run arbitrary JavaScript bytecode.
Other attacks may also be possible.
The issues described here will be split into individual BIDs as more information becomes available.
These issues are fixed in:
Mozilla Firefox 1.5.0.8
Mozilla Thunderbird 1.5.0.8
Mozilla SeaMonkey 1.0.6
The Mozilla Foundation has released two security advisories specifying vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird.
These vulnerabilities allow attackers to:
- Crash the applications and potentially execute arbitrary machine code in the context of the vulnerable applications.
- Run arbitrary JavaScript bytecode.
Other attacks may also be possible.
The issues described here will be split into individual BIDs as more information becomes available.
These issues are fixed in:
Mozilla Firefox 1.5.0.8
Mozilla Thunderbird 1.5.0.8
Mozilla SeaMonkey 1.0.6
Exploit / POC
Mozilla Client Products Multiple Remote Vulnerabilities
Some of the vulnerabilities described in this BID may not require exploits.
Proof-of-concept exploits may be available in the Mozilla Bugzilla database, but they are not currently available to the general public.
Some of the vulnerabilities described in this BID may not require exploits.
Proof-of-concept exploits may be available in the Mozilla Bugzilla database, but they are not currently available to the general public.
Solution / Fix
Mozilla Client Products Multiple Remote Vulnerabilities
Solution:
New versions of Firefox, SeaMonkey, Camino, and Thunderbird are available to address these issues. Most Mozilla applications have self-updating features that may be used to download and install fixes.
Please see the referenced advisories for information on obtaining and applying fixes.
Sun Solaris 10.0
Mozilla Firefox 1.5.0.3
Netscape Browser 8.0
Sun Solaris 8_sparc
Netscape Browser 8.1
Sun Solaris 10.0_x86
Mozilla Thunderbird 1.0.2
Mozilla Thunderbird 1.0.6
Netscape Browser 8.0.3 .3
Netscape Browser 8.0.4
Netscape Browser 8.1.2
Solution:
New versions of Firefox, SeaMonkey, Camino, and Thunderbird are available to address these issues. Most Mozilla applications have self-updating features that may be used to download and install fixes.
Please see the referenced advisories for information on obtaining and applying fixes.
Sun Solaris 10.0
Mozilla Firefox 1.5.0.3
-
SuSE MozillaFirefox-1.5.0.8-0.2.i586.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-1.5.0. 8-0.2.i586.rpm -
SuSE MozillaFirefox-1.5.0.8-0.2.ppc.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-1.5.0.8 -0.2.ppc.rpm -
SuSE MozillaFirefox-translations-1.5.0.8-0.2.i586.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-transl ations-1.5.0.8-0.2.i586.rpm -
SuSE MozillaFirefox-translations-1.5.0.8-0.2.ppc.rpm
SUSE LINUX 10.1:
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-transla tions-1.5.0.8-0.2.ppc.rpm
Netscape Browser 8.0
-
Netscape Netscape Browser 8.1.3
http://browser.netscape.com/ns8/download/default.jsp
Sun Solaris 8_sparc
-
Sun 120671-07
Mozilla 1.7 for Solaris 8 and 9 SPARC
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -120671-07-1 -
Sun 120671-08
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -120671-08-1
Netscape Browser 8.1
-
Netscape Netscape Browser 8.1.3
http://browser.netscape.com/ns8/download/default.jsp
Sun Solaris 10.0_x86
Mozilla Thunderbird 1.0.2
-
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_alpha.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_amd64.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_arm.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_hppa.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_i386.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_ia64.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_m68k.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_mips.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_mipsel.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_powerpc.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_s390.deb -
Debian mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-dev_1.0.2-2.sarge1.0.8d.1_sparc.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_alpha.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_amd64.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_arm.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_hppa.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_i386.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_ia64.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_m68k.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_mips.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_mipsel.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_powerpc.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_s390.deb -
Debian mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-inspector_1.0.2-2.sarge1.0.8d.1_sparc.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_alpha.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_amd64.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_arm.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_hppa.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_i386.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_ia64.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_m68k.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_mips.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_mipsel.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_powerpc.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_s390.deb -
Debian mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-offline_1.0.2-2.sarge1.0.8d.1_sparc.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_alpha.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_amd64.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_arm.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_hppa.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_i386.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_ia64.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_m68k.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_mips.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_mipsel.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_powerpc.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_s390.deb -
Debian mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8d.1_sparc.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_alpha.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_amd64.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_arm.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_hppa.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_i386.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_ia64.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_m68k.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_mips.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_mipsel.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_powerpc.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_s390.deb -
Debian mozilla-thunderbird_1.0.2-2.sarge1.0.8d.1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/moz illa-thunderbird_1.0.2-2.sarge1.0.8d.1_sparc.deb
Mozilla Thunderbird 1.0.6
-
SuSE MozillaThunderbird-1.5.0.8-0.2.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaThunderbir d-1.5.0.8-0.2.ppc.rpm -
SuSE MozillaThunderbird-1.5.0.8-0.2.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/MozillaThunder bird-1.5.0.8-0.2.x86_64.rpm
Netscape Browser 8.0.3 .3
-
Netscape Netscape Browser 8.1.3
http://browser.netscape.com/ns8/download/default.jsp
Netscape Browser 8.0.4
-
Netscape Netscape Browser 8.1.3
http://browser.netscape.com/ns8/download/default.jsp
Netscape Browser 8.1.2
-
Netscape Netscape Browser 8.1.3
http://browser.netscape.com/ns8/download/default.jsp
References
Mozilla Client Products Multiple Remote Vulnerabilities
References:
References:
- ASA-2006-246 - firefox security update (RHSA-2006-0733) (Avaya)
- Mozilla Foundation Security Advisory 2006-65 (Mozilla)
- Mozilla Foundation Security Advisory 2006-67 (Mozilla)
- RHSA-2006-0735 - thunderbird security update (RedHat)
- RHSA-2006:0733-4 - firefox security update (RedHat)
- RHSA-2006:0734-5 - seamonkey security update (RedHat)
- Security Alerts (Netscape)
- Slackware Security 2006 (Slackware)
- Vulnerability Note VU#390480 (Mozilla products vulnerable to memory corruption) (US-CERT)
- Vulnerability Note VU#495288 (Mozilla products contain several unspecified error (US-CERT)
- Vulnerability Note VU#815432 (Mozilla XML.prototype.hasOwnProperty() method memo (US-CERT)
- [SECURITY] Fedora Core 5 Update: thunderbird-1.5.0.8-1.fc5 (RedHat)
- [SECURITY] Fedora Core 6 Update: devhelp-0.12-8.fc6 (RedHat)
- [SECURITY] Fedora Core 6 Update: epiphany-2.16.0-5.fc6 (RedHat)
- [SECURITY] Fedora Core 6 Update: firefox-1.5.0.8-1.fc6 (RedHat)
- [SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.8-1.fc6 (RedHat)
- [SECURITY] Fedora Core 6 Update: yelp-2.16.0-10.fc6 (RedHat)
- ASA-2007-334 Security Vulnerability in Mozilla 1.7 May Allow Arbitrary JavaScrip (Avaya)
- ASA-2007-467 Multiple Security Vulnerabilities in the JavaScript Engine in Mozil (Avaya)
- ASA-2007-470 Multiple Memory Corruption Vulnerabilities in Layout Engine for Moz (Avaya)
- Fedora Security Update Fixes Mozilla Firefox Command Execution Vulnerabilities (FrSIRT)
- Fedora Security Update Fixes Mozilla Thunderbird Code Execution Vulnerabilities (FrSIRT)
- HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access (HP)
- HPSBUX02156 SSRT061236 rev.2 - HP-UX Running (HP)
- Solution 201335: Multiple Security Vulnerabilities in the JavaScript Engine in M (Sun Microsystems)
- Sun Alert ID: 103011 Security Vulnerability in Mozilla 1.7 May Allow Arbitrary J (Sun)
- Sun Alert ID: 103121 Multiple Memory Corruption Vulnerabilities in Layout Engine (Sun)
- Sun Alert ID: 103139 Multiple Security Vulnerabilities in the JavaScript Engine (Sun)
- Technical Cyber Security Alert TA06-312A Mozilla Updates for Multiple Vulnerabil (US-CERT)
- Vulnerability Note VU#714496 Mozilla products allow execution of arbitrary JavaS (US-CERT)