Mozilla's multiple vulnerabilities
Mozilla addresses multiple vulnerabilities.
Mozilla has released new versions of Firefox, Thunderbird, and SeaMonkey
to address several vulnerabilities. While the impacts of the individual vulnerabilities vary, the most severe could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial_of_service.
Systems affected: MozillaFirefox;
Mozilla Thunderbird; Mozilla SeaMonkey; Netscape Browser.
Other products based on Mozilla components may also be affected.
Solution: These vulnerabilities are addressed in Mozilla Firefox 1.5.0.9, Mozilla Firefox 2.0.0.1, Mozilla Thunderbird 1.5.0.9, and SeaMonkey 1.0.7. Mozilla Firefox, Thunderbird, and SeaMonkey automatically check for updates by default. Support for Firefox 1.5 is scheduled to end in April 2007. All users are strongly encouraged to upgrade to Firefox 2.
Firefox 1.5.0.9: http://www.mozilla.com/en_US/firefox/releases/1.5.0.9.html
Firefox 2.0.0.1: http://www.mozilla.com/en_US/firefox/
Thunderbird 1.5.0.9:http://www.mozilla.com/en_US/thunderbird/releases/1.5.0.9.ht ml
SeaMonkey 1.0.7: http://www.mozilla.org/projects/seamonkey/
Disable java_script and Java: These vulnerabilities can be mitigated by disablingjava_script and Java.
For more information about configuring Firefox, please see the
"Securing Your Web Browser" document: http://www.us_cert.gov/reading_room/securing_browser/#Mozilla_Firefox
Netscape users should see the "Site Controls" document for details:
http://browser.netscape.com/ns8/help/options_site.jsp
Thunderbird disablesjava_script and Java by default.
Source: http://www.uscert.gov/cas/techalerts/TA06_354A.html
Mozilla has released new versions of Firefox, Thunderbird, and SeaMonkey
to address several vulnerabilities. While the impacts of the individual vulnerabilities vary, the most severe could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial_of_service.
Systems affected: MozillaFirefox;
Mozilla Thunderbird; Mozilla SeaMonkey; Netscape Browser.
Other products based on Mozilla components may also be affected.
Solution: These vulnerabilities are addressed in Mozilla Firefox 1.5.0.9, Mozilla Firefox 2.0.0.1, Mozilla Thunderbird 1.5.0.9, and SeaMonkey 1.0.7. Mozilla Firefox, Thunderbird, and SeaMonkey automatically check for updates by default. Support for Firefox 1.5 is scheduled to end in April 2007. All users are strongly encouraged to upgrade to Firefox 2.
Firefox 1.5.0.9: http://www.mozilla.com/en_US/firefox/releases/1.5.0.9.html
Firefox 2.0.0.1: http://www.mozilla.com/en_US/firefox/
Thunderbird 1.5.0.9:http://www.mozilla.com/en_US/thunderbird/releases/1.5.0.9.ht ml
SeaMonkey 1.0.7: http://www.mozilla.org/projects/seamonkey/
Disable java_script and Java: These vulnerabilities can be mitigated by disablingjava_script and Java.
For more information about configuring Firefox, please see the
"Securing Your Web Browser" document: http://www.us_cert.gov/reading_room/securing_browser/#Mozilla_Firefox
Netscape users should see the "Site Controls" document for details:
http://browser.netscape.com/ns8/help/options_site.jsp
Thunderbird disablesjava_script and Java by default.
Source: http://www.uscert.gov/cas/techalerts/TA06_354A.html
posted by arkietechs at 6:49 AM
0 Comments:
Post a Comment
<< Home