Attention Mozilla / Firefox / Thunderbird users - Tilted Forum Project Discussion Community

zz0011 · 02-07-2006, 12:37 PM

THE LATEST FROM US-CERT ALERTS
--------- Forwarded message ----------
From: US-CERT Alerts <alerts@us-cert.gov>
To: alerts@us-cert.gov
Date: Tue, 7 Feb 2006 13:52:51 -0500
Subject: US-CERT Cyber Security Alert SA06-038A -- Multiple Vulnerabilities in Mozilla Products
Message-ID: SA06-038A.10217@us-cert.gov

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Cyber Security Alert SA06-038A

Multiple Vulnerabilities in Mozilla Products

Original release date: February 7, 2006
Last revised: -- Source: US-CERT

Systems Affected
* Mozilla web browser
* Mozilla mail client
* Firefox web browser
* Thunderbird mail client

Overview
By taking advantage of one or more vulnerabilities in Mozilla products, an attacker may be able to take control of your computer.

Solution
Upgrade to the latest version of Firefox
Mozilla has released an updated version of Firefox to correct these problems.

Description
There are vulnerabilities in various features of the Mozilla web browser, Mozilla email client, Firefox web browser, and Thunderbird email client. Some of the vulnerabilities are connected to the way the application handles URLs or images. In one instance, an attacker could cause an application to crash or could take control of your computer by convincing you to view a malicious web site or email message.

For more technical information, see US-CERT Technical Alert TA06-038A.

References
* Mozilla Foundation Security Advisory 2006-04 -
http://www.mozilla.org/security/anno...fsa206-04.html

* US-CERT Technical Cyber Security Alert TA06-038A -
http://www.us-cert.gov/cas/techalerts/TA05-038A.html

* US-CERT Vulnerability Note VU#592425 -
http://www.kb.cert.org/vuls/id/592425

* US-CERT Vulnerability Note VU#759273 -
http://www.kb.cert.org/vuls/id/759273

The most recent version of this document can be found at:
http://www.us-cert.gov/cas/alerts/SA06-038A.html

Feedback can be directed to US-CERT. Please send email to
cert@cert.org with "SA06-038A Feedback VU#592425" in the subject.

Mailing list information:
http://www.us-cert.gov/cas/

Produced 2006 by US-CERT, a government organization.
Terms of use:
http://www.us-cert.gov/legal.html

Revision History
February 7, 2006: Initial release

spindles · 02-07-2006, 08:22 PM

thanks - reminded me I needed to patch my wifes machine...

02-07-2006, 12:37 PM	#1 (permalink)
zz0011 Crazy Location: buckle of the snow belt	Attention Mozilla / Firefox / Thunderbird users THE LATEST FROM US-CERT ALERTS --------- Forwarded message ---------- From: US-CERT Alerts <alerts@us-cert.gov> To: alerts@us-cert.gov Date: Tue, 7 Feb 2006 13:52:51 -0500 Subject: US-CERT Cyber Security Alert SA06-038A -- Multiple Vulnerabilities in Mozilla Products Message-ID: SA06-038A.10217@us-cert.gov -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Cyber Security Alert SA06-038A Multiple Vulnerabilities in Mozilla Products Original release date: February 7, 2006 Last revised: -- Source: US-CERT Systems Affected * Mozilla web browser * Mozilla mail client * Firefox web browser * Thunderbird mail client Overview By taking advantage of one or more vulnerabilities in Mozilla products, an attacker may be able to take control of your computer. Solution Upgrade to the latest version of Firefox Mozilla has released an updated version of Firefox to correct these problems. Description There are vulnerabilities in various features of the Mozilla web browser, Mozilla email client, Firefox web browser, and Thunderbird email client. Some of the vulnerabilities are connected to the way the application handles URLs or images. In one instance, an attacker could cause an application to crash or could take control of your computer by convincing you to view a malicious web site or email message. For more technical information, see US-CERT Technical Alert TA06-038A. References * Mozilla Foundation Security Advisory 2006-04 - http://www.mozilla.org/security/anno...fsa206-04.html * US-CERT Technical Cyber Security Alert TA06-038A - http://www.us-cert.gov/cas/techalerts/TA05-038A.html * US-CERT Vulnerability Note VU#592425 - http://www.kb.cert.org/vuls/id/592425 * US-CERT Vulnerability Note VU#759273 - http://www.kb.cert.org/vuls/id/759273 The most recent version of this document can be found at: http://www.us-cert.gov/cas/alerts/SA06-038A.html Feedback can be directed to US-CERT. Please send email to cert@cert.org with "SA06-038A Feedback VU#592425" in the subject. Mailing list information: http://www.us-cert.gov/cas/ Produced 2006 by US-CERT, a government organization. Terms of use: http://www.us-cert.gov/legal.html Revision History February 7, 2006: Initial release __________________ 10th sig ~> "How many a dispute could have been deflated into a single paragraph if the disputants had dared to define their terms?" -- Aristotle

02-07-2006, 08:22 PM	#2 (permalink)
spindles Mine is an evil laugh Location: Sydney, Australia	thanks - reminded me I needed to patch my wifes machine... __________________ who hid my keyboard's PANIC button?