funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Time to update Mozilla Thunderbird too

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 28 Sep 2008 01:06:58 +0300 (EEST)
In case you missed this:

Heap overflow when canceling newsgroup message
http://www.mozilla.org/security/announce/2008/mfsa2008-46.html

"Georgi Guninski reported a buffer overflow in the handling of cancelled newsgroup messages. The error was caused by 
too small a heap buffer being allocated to store message header information. This buffer could be overrun by an 
attacker using a specially crafted message which could crash the mail reader and potentially be used to run arbitrary 
code on the victim's computer."

Solution:
Update to Thunderbird version 2.0.0.17 at
http://www.mozilla.com/en-US/thunderbird/all.html

Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: