Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12 Multiple Remote Vulnerabilities

The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.12 and prior versions.

Exploiting these issues can allow attackers to:

- steal authentication credentials
- obtain potentially sensitive information
- violate the same-origin policy
- execute scripts with elevated privileges
- cause denial-of-service conditions
- potentially execute arbitrary code
- perform cross-site request-forgery attacks

Other attacks are possible.

These issues are present in Firefox 2.0.0.12 and prior versions. Many of these issues are present in Mozilla Thunderbird 2.0.0.12 and prior versions as well as SeaMonkey 1.1.8 and prior versions.

UPDATE: Versions of Mozilla Thunderbird prior to 2.0.0.14 are affected by issues described in MFSA 2008-14 and MFSA 2008-15.


 

Privacy Statement
Copyright 2010, SecurityFocus