[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] rPSA-2007-0112-1 firefox thunderbird
From:       rPath Update Announcements <announce-noreply () rpath ! com>
Date:       2007-05-31 20:20:07
Message-ID: 465f2df7.IBm8BEyxfhsJb3Lr%announce-noreply () rpath ! com
[Download RAW message or body]

rPath Security Advisory: 2007-0112-1
Published: 2007-05-31
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
    firefox=/conary.rpath.com@rpl:devel//1/1.5.0.12-0.1-1
    thunderbird=/conary.rpath.com@rpl:devel//1/1.5.0.12-0.1-1

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871
    https://issues.rpath.com/browse/RPL-1424

Description:
    Previous versions of the firefox and thunderbird packages are vulnerable
    to several types of attacks, some of which are understood to allow
    compromised or malicious sites to run arbitrary code as the user running
    the vulnerable application.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]