full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] rPSA-2007-0112-1 firefox t

[Full-disclosure] rPSA-2007-0112-1 firefox thunderbird

From: rPath Update Announcements <announce-noreply_at_nospam>
Date: Thu May 31 2007 - 20:20:07 GMT
To: security-announce@lists.rpath.com, update-announce@lists.rpath.com


rPath Security Advisory: 2007-0112-1
Published: 2007-05-31
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:

    Indirect User Deterministic Unauthorized Access Updated Versions:

    firefox=/conary.rpath.com@rpl:devel//1/1.5.0.12-0.1-1     thunderbird=/conary.rpath.com@rpl:devel//1/1.5.0.12-0.1-1

References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871     https://issues.rpath.com/browse/RPL-1424

Description:

    Previous versions of the firefox and thunderbird packages are vulnerable     to several types of attacks, some of which are understood to allow     compromised or malicious sites to run arbitrary code as the user running     the vulnerable application.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/