Patch for the vulnerability in SeaMonkey 1.1.8 and Thunderbird 2.0.0.12 has been released. If the exploitation is successful, it might allow running an arbitrary code. By mailing a crafty message, the attacker could initiate a buffer overflow fault, leaving the potential victim vulnerable to remote launch and installation of malware. Mozilla found that the problem is caused because of an error in the way external-body MIME types are handled. IDefense found a 'heap-based buffer overflow' flaw in Mozilla Mail code, which, on exploitation, could let an attacker execute arbitrary code. One of the vulnerabilities that Mozilla rated as critical was actually the discovery of iDefense, a research firm. The arrival of the update follows the introduction of Mozilla Messaging, the new mail subsidiary of Mozilla Foundation, a non-profit organization. Mozilla has recently launched a new edition of its e-mail client, Thunderbird, patching six flaws. Mozilla Upgrades Thunderbird to Fix Six Bugs
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |