Debian Bug report logs -
#444010
CVE-2007-3734 Multiple unspecified vulnerabilities
Package:
icedove;
Maintainer for icedove is Carsten Schoenert <cschoenert@t-onlinede>; Source for icedove is src:thunderbird (PTS, buildd, popcon)
Reported by: Nico Golde <nion@debianorg>
Date: Tue, 25 Sep 2007 12:39:01 UTC
Severi ...
Various flaws were discovered in the layout and JavaScript engines By
tricking a user into opening a malicious email, an attacker could execute
arbitrary code with the user’s privileges Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable it
(CVE-2007-3734, CVE-2007-3735, CVE-2007-3844) ...
A flaw was discovered in handling of “about:blank” windows used by
addons A malicious web site could exploit this to modify the contents,
or steal confidential data (such as passwords), of other web pages
(CVE-2007-3844) ...
Several remote vulnerabilities have been discovered in the Iceape internet
suite, an unbranded version of the Seamonkey Internet Suite The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2007-3844
moz_bug_r_a4 discovered that a regression in the handling of
about:blank windows used by addons may lead to ...
Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2007-3844
moz_bug_r_a4 discovered that a regression in the handling of
about:blank windows used by addons may lead to an attacker being
abl ...
Several remote vulnerabilities have been discovered in the Iceweasel web
browser, an unbranded version of the Firefox browser The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2007-3844
moz_bug_r_a4 discovered that a regression in the handling of
about:blank windows used by addons may lead to an attac ...
Several remote vulnerabilities have been discovered in the Icedove mail client,
an unbranded version of the Thunderbird client The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2007-3734
Bernd Mielke, Boris Zbarsky, David Baron, Daniel Veditz, Jesse Ruderman,
Lukas Loehrer, Martijn Wargers, Mats Palmg ...
Mozilla Foundation Security Advisory 2007-26
Privilege escalation through chrome-loaded about:blank windows
Announced
July 30, 2007
Reporter
moz_bug_r_a4
Impact
Moderate
Products
Firefox, SeaMonkey, Thunderbird
Fixed in ...