Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin
check in Thunderbird could be bypassed If a user were tricked into opening a
malicious website, an attacker could obtain private information from data
stored in the images, or discover information about software on the user’s
computer (CVE-2008-5012) ...
Liu Die Yu discovered an information disclosure vulnerability in Firefox
when using saved url shortcut files If a user were tricked into
downloading a crafted url file and a crafted HTML file, an attacker
could steal information from the user’s cache (CVE-2008-4582) ...
Synopsis
Critical: firefox security update
Type/Severity
Security Advisory: Critical
Topic
An updated firefox package that fixes various security issues is nowavailable for Red Hat Enterprise Linux 4 and 5This update has been rated as having critical security impact by the RedHat Security Response Team
...
Synopsis
Moderate: thunderbird security update
Type/Severity
Security Advisory: Moderate
Topic
Updated thunderbird packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 and 5This update has been rated as having moderate security impact by the RedHat Security Response Tea ...
Synopsis
Critical: seamonkey security update
Type/Severity
Security Advisory: Critical
Topic
Updated seamonkey packages that fix security issues are now available forRed Hat Enterprise Linux 21, Red Hat Enterprise Linux 3 and Red HatEnterprise Linux 4This update has been rated as having critical security ...
Several remote vulnerabilities have been discovered in the Iceweasel
webbrowser, an unbranded version of the Firefox browser The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2008-0017
Justin Schuh discovered that a buffer overflow in the http-index-format
parser could lead to arbitrary code execution
...
Several remote vulnerabilities have been discovered in Iceape an
unbranded version of the Seamonkey internet suite The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2008-0016
Justin Schuh, Tom Cross and Peter Williams discovered a buffer
overflow in the parser for UTF-8 URLs, which may lead to the
ex ...
Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2008-0016
Justin Schuh, Tom Cross and Peter Williams discovered a buffer
overflow in the parser for UTF-8 URLs, which may lead to the
executio ...
Mozilla Foundation Security Advisory 2008-58
Parsing error in E4X default namespace
Announced
November 12, 2008
Reporter
Chris Evans
Impact
Low
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
...