Status Tracking Note TRTA08-087A

Mozilla Updates for Multiple Vulnerabilities

Overview

New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary
Event Information


Date (UTC)Description
2008-05-09 13:11 US-CERT
Mozilla Releases Thunderbird 2.0.0.14
US-CERT Current Activity
Mozilla has released Thunderbird 2.0.0.14 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to escalate privileges or execute arbitrary code.
2008-05-01 Mozilla
Mozilla Thunderbird 2.0.0.14 Release
2008-03-27 20:34 US-CERT
TA08-087A: Mozilla Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
2008-03-26 12:23 US-CERT
Mozilla Releases Firefox 2.0.0.13
US-CERT Current Activity
Mozilla has released Firefox 2.0.0.13. This version addresses multiple vulnerabilities that may allow an attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or conduct cross-site scripting or phishing attacks. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey.
2008-03-26 10:24 SANS Internet Storm Center
Firefox 2.0.0.13 is out
A new version of Firefox, 2.0.0.13, has been released today.
2008-03-25 Mozilla
mfsa2008-16: HTTP Referrer spoofing with malformed URLs
2008-03-25 Mozilla
mfsa2008-15: Crashes with evidence of memory corruption (rv:1.8.1.13)
2008-03-25 Mozilla
mfsa2008-14: JavaScript privilege escalation and arbitrary code execution
2008-03-25 Mozilla
SeaMonkey 1.1.9 Release
2008-03-25 Mozilla
Mozilla Firefox 2.0.0.13 Release
2008-03-25 Mozilla
mfsa2008-19: XUL popup spoofing variant (cross-tab popups)
2008-03-25 Mozilla
mfsa2008-18: Java socket connection to any local port via LiveConnect
2008-03-25 Mozilla
mfsa2008-17: Privacy issue with SSL Client Authentication


Date first published (UTC): 2008-04-06T20:02+00:00
Date last updated (UTC): 2008-05-07T08:07+00:00
Valid HTML 4.01!