Friday, September 26, 2008

Thunderbird 2.0.0.17 Released

Mozilla has released updated version of Thunderbird email client. New version contains patches for two critical and five moderate vulnerabilities.

Critical:
MFSA 2008-46 Heap overflow when canceling newsgroup message
MFSA 2008-37 UTF-8 URL stack buffer overflow

Moderate:
MFSA 2008-44 resource: traversal vulnerabilities
MFSA 2008-43 BOM characters stripped from JavaScript before execution
MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation


Thunderbird 2.0.0.17 Release Notes

No comments: