Mozilla Products Contain Multiple Vulnerabilities
Systems Affected
- Mozilla web browser
- Mozilla email application
- Firefox web browser
- Thunderbird email application
- Mozilla Suite
Overview
By taking advantage of one or more vulnerabilities in Mozilla
products, an attacker may be able to take control of your computer.
Solution
Upgrade to the latest versions of Firefox and Thunderbird
Mozilla has released an updated version of Firefox to correct
these problems.Mozilla has released an updated version of the Thunderbird email program to correct these problems.
Description
There are vulnerabilities in various features of the Mozilla web
browser, Mozilla email application, Firefox web browser, and Thunderbird
email application. Some of the vulnerabilities involve the way these
applications handle URLs or images. For instance, an attacker could
cause an application to crash or could take control of your computer
by convincing you to view a malicious web site or email message.For more technical information, see US-CERT Technical Alert TA06-107A.
References
- Mozilla Foundation Security Advisories - <http://www.mozilla.org/security/announce/>
- US-CERT Technical Cyber Security Alert TA06-107A - <http://www.us-cert.gov/cas/techalerts/TA06-107A.html>
- US-CERT Vulnerability Notes Related to April Mozilla Security Advisories - <http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_April_2006>
- US-CERT Vulnerability Note VU#932734 - <http://www.kb.cert.org/vuls/id/932734>
- US-CERT Vulnerability Note VU#968814 - <http://www.kb.cert.org/vuls/id/968814>
- US-CERT Vulnerability Note VU#179014 - <http://www.kb.cert.org/vuls/id/179014>
- US-CERT Vulnerability Note VU#488774 - <http://www.kb.cert.org/vuls/id/488774>
- US-CERT Vulnerability Note VU#842094 - <http://www.kb.cert.org/vuls/id/842094>
- US-CERT Vulnerability Note VU#813230 - <http://www.kb.cert.org/vuls/id/813230>
- US-CERT Vulnerability Note VU#736934 - <http://www.kb.cert.org/vuls/id/736934>
- US-CERT Vulnerability Note VU#935556 - <http://www.kb.cert.org/vuls/id/935556>
- US-CERT Vulnerability Note VU#350262 - <http://www.kb.cert.org/vuls/id/350262>
- US-CERT Vulnerability Note VU#252324 - <http://www.kb.cert.org/vuls/id/252324>
- US-CERT Vulnerability Note VU#329500 - <http://www.kb.cert.org/vuls/id/329500>
- Firefox - Rediscover the Web - <http://www.mozilla.com/firefox/>
- Thunderbird - Reclaim your inbox - <http://www.mozilla.com/thunderbird/>
- Mozilla Suite - The All-in-One Internet Application Suite - <http://www.mozilla.org/products/mozilla1.x/>
- Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox>
Feedback
can be directed to US-CERT -->.
Produced by US-CERT, a government organization,
Terms of use
Revision History
-
April 17, 2006: Initial release
Last updated
This product is provided subject to this Notification and this Privacy & Use policy.