Mozilla Updates for Multiple Vulnerabilities
http://jvnrss.ise.chuo-u.ac.jp/jtg/trn/en/TRTA08-087A.html
JVNRSS based Status Tracking Notes: New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitraryJVNRSS Feasibility Study Teamjvn@jvn.jpTRTA08-087A2008-05-07T08:07+00:002008-04-06T20:02+00:002008-05-07T08:07+00:00Mozilla Releases Thunderbird 2.0.0.14
http://www.us-cert.gov/current/archive/2008/05/09/archive.html#mozilla_releases_thunderbird_2_0
US-CERT Current Activity
Mozilla has released Thunderbird 2.0.0.14 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to escalate privileges or execute arbitrary code.
US-CERThttp://www.us-cert.gov/cas/techalerts/TA08-087A.html2008-05-09T09:11-04:002008-05-09T09:11-04:002008-05-09T09:11-04:00Mozilla Thunderbird 2.0.0.14 Release
http://www.mozilla.com/en-US/thunderbird/2.0.0.14/releasenotes/
Mozillahttp://www.us-cert.gov/cas/techalerts/TA08-087A.html2008-05-012008-05-012008-05-01Mozilla Updates for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA08-087A.html
Via US-CERT Mailing List
New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
US-CERTTA08-087Ahttp://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1233http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1234http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1235http://www.kb.cert.org/vuls/id/4665212008-03-27T16:34-04:002008-03-27T16:34-04:002008-03-27T16:34-04:00Mozilla Releases Firefox 2.0.0.13
http://www.us-cert.gov/current/archive/2008/03/26/archive.html#mozilla_releases_firefox_2_0
US-CERT Current Activity
Mozilla has released Firefox 2.0.0.13. This version addresses multiple vulnerabilities that may allow an attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or conduct cross-site scripting or phishing attacks. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey.
US-CERThttp://www.us-cert.gov/cas/techalerts/TA08-087A.html2008-03-26T08:23-04:002008-03-26T08:23-04:002008-03-26T08:23-04:00Firefox 2.0.0.13 is out
http://isc.sans.org/diary.html?storyid=4196
A new version of Firefox, 2.0.0.13, has been released today.
SANS Internet Storm Centerhttp://www.us-cert.gov/cas/techalerts/TA08-087A.html2008-03-26T10:24+00:002008-03-26T10:24+00:002008-03-26T10:24+00:00HTTP Referrer spoofing with malformed URLs
http://www.mozilla.org/security/announce/2008/mfsa2008-16.html
Mozillamfsa2008-16http://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-12382008-03-252008-03-252008-03-25Crashes with evidence of memory corruption (rv:1.8.1.13)
http://www.mozilla.org/security/announce/2008/mfsa2008-15.html
Mozillamfsa2008-15http://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1236http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-12372008-03-252008-03-252008-03-25JavaScript privilege escalation and arbitrary code execution
http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
Mozillamfsa2008-14http://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1233http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1234http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-12352008-03-252008-03-252008-03-25SeaMonkey 1.1.9 Release
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.1.9/
Mozillahttp://www.us-cert.gov/cas/techalerts/TA08-087A.html2008-03-252008-03-252008-03-25Mozilla Firefox 2.0.0.13 Release
http://www.mozilla.com/en-US/firefox/2.0.0.13/releasenotes/
Mozillahttp://www.us-cert.gov/cas/techalerts/TA08-087A.html2008-03-252008-03-252008-03-25XUL popup spoofing variant (cross-tab popups)
http://www.mozilla.org/security/announce/2008/mfsa2008-19.html
Mozillamfsa2008-19http://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-12412008-03-252008-03-252008-03-25Java socket connection to any local port via LiveConnect
http://www.mozilla.org/security/announce/2008/mfsa2008-18.html
Mozillamfsa2008-18http://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1195http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-12402008-03-252008-03-252008-03-25Privacy issue with SSL Client Authentication
http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
Mozillamfsa2008-17http://www.us-cert.gov/cas/techalerts/TA08-087A.htmlhttp://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-48792008-03-252008-03-252008-03-25HPRyq4bLY7P6jokwt8pge4/Kz/o=cUnrMfn5QxDMnVtgwJmIdf+yhq8=I5Vo6ivXWfWrgKtxuV8nDkc5MTn/ZOaCsIpKWokdbCKZFA+t2BdFUPwtbg5uYzQcNU+vyt+0bY7TUtQsrL2/cxc5EBgok7pgqU6u0j3qH9lEY63urMyQtxB8+2UnnRAro7KFN06wSJ0HpxvX7YioAs6rx2LPfydGyJn1DBZfUvQ=MIIE1DCCA7ygAwIBAgIQfBHY/s5/LRzGChqXgtjCKTANBgkqhkiG9w0BAQUFADCB3TELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNTEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5WZXJpU2lnbiBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEcyMB4XDTA3MDcwNTAwMDAwMFoXDTA4MDcwNDIzNTk1OVowggEhMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5ODEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTQwMgYDVQQLEytEaWdpdGFsIElEIENsYXNzIDEgLSBNaWNyb3NvZnQgRnVsbCBTZXJ2aWNlMSYwJAYDVQQDFB1KVk5SU1MgRmVhc2liaWxpdHkgU3R1ZHkgVGVhbTEfMB0GCSqGSIb3DQEJARYQanZucnNzQGlwYS5nby5qcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsCjiweXb23sjKQajfCS8WiHjax1ppkfkjhN/SwBp/LOOXlpZpzW/lHtKSnWJLPOZzLxIJUWARTZ+T2y2wCzDnKU9TOkNx56u7iBhhATVRyPby22uRY0Pf+1uu8vnSZPvAR50FI9o2COo9xCqfXZWU/RNWSrsrxJd2XL4Y6sYzL0CAwEAAaOBzDCByTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHFwMwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly9JbmRDMURpZ2l0YWxJRC1jcmwudmVyaXNpZ24uY29tL0luZEMxRGlnaXRhbElELmNybDANBgkqhkiG9w0BAQUFAAOCAQEAHbEsHsaKt3O4OUlcec2BOe+MAP4eGW5X494WdegnLEW4tlAxZvctmLeGr0VRXMtF1JumpTLQcdQvUFp15N2+RDa1PrMFrkrCz9BdextE/7mykda0DzsAvbroqHbsu3tZOhnE7T61ZxtBuXOC0jChphl96yDn8NxvebCwcApB46oeKSbAFT21HRIWGiCo1QaMvB390MzFfOFfft1oHivREyIjgXNyAUSTunj/rQhodTnQRVdRuVwa5KSUErWOnNFM2uuXaF/vJqVRX2QR6zr+S+JGbw3ykc/7zkixEBbkSv3wOTh7BmsXRzRvLcaD92ifxOqFxWHQxIqMSxsbJ6WyPQ==