Mozilla Thunderbird/Seamonkey/Firefox 184.108.40.206 Multiple Remote Vulnerabilities
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 220.127.116.11 and prior versions.
Exploiting these issues can allow attackers to:
- steal authentication credentials
- obtain potentially sensitive information
- violate the same-origin policy
- execute scripts with elevated privileges
- cause denial-of-service conditions
- potentially execute arbitrary code
- perform cross-site request-forgery attacks
Other attacks are possible.
These issues are present in Firefox 18.104.22.168 and prior versions. Many of these issues are present in Mozilla Thunderbird 22.214.171.124 and prior versions as well as SeaMonkey 1.1.8 and prior versions.
UPDATE: Versions of Mozilla Thunderbird prior to 126.96.36.199 are affected by issues described in MFSA 2008-14 and MFSA 2008-15.