Red Hat closes Thunderbird holes

Spectrum is green to stop compromised Linux systems

Red Hat has issued an update for the Mozilla Thunderbird mail and newsgroup client to plug a number of serious security vulnerabilities.

The update for Red Hat Enterprise Linux 4 fixes problems that could be exploited to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information or compromise a user's system.

The Red Hat Security Response Team rated the update as 'critical'.

The bugs affect the way Thunderbird processes malformed JavaScript. JavaScript support is disabled by default in Thunderbird, but a carefully crafted mail could fetch remote content.

It was found that a malicious HTML mail message could also modify the content of a different open HTML message, possibly stealing sensitive information or installing browser malware.

Red Hat users running Thunderbird are advised to upgrade to the updated package containing Thunderbird version 1.0.8, which is not vulnerable to these issues.