TITLE: Mandriva update for mozilla-thunderbird SECUNIA ADVISORY ID: SA19821 VERIFY ADVISORY: http://secunia.com/advisories/19821/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system. For more information: SA15907 SA18704 SOLUTION: Apply updated packages. Mandrivalinux 2006: db1cb3f95a9ed5c38eadf84ab15059dd 2006.0/RPMS/mozilla-thunderbird-1.0.6-7.6.20060mdk.i586.rpm 4ac317574cda9d575725e2001c106c64 2006.0/RPMS/mozilla-thunderbird-enigmail-1.0.6-7.6.20060mdk.i586.rpm c9788a8baa83accaa38a6962d019be16 2006.0/RPMS/mozilla-thunderbird-enigmime-1.0.6-7.6.20060mdk.i586.rpm 898658630b23e73046c50de78ae364b1 2006.0/SRPMS/mozilla-thunderbird-1.0.6-7.6.20060mdk.src.rpm Mandrivalinux 2006/X86_64 6ceb2686941e208c141d1a339dd87f85 x86_64/2006.0/RPMS/mozilla-thunderbird-1.0.6-7.6.20060mdk.x86_64.rpm 57637d19befac214ef7c4c2cef84462d x86_64/2006.0/RPMS/mozilla-thunderbird-enigmail-1.0.6-7.6.20060mdk.x86_64.rpm f08fe4796dd84bbb9414668f55cbb2b9 x86_64/2006.0/RPMS/mozilla-thunderbird-enigmime-1.0.6-7.6.20060mdk.x86_64.rpm 898658630b23e73046c50de78ae364b1 x86_64/2006.0/SRPMS/mozilla-thunderbird-1.0.6-7.6.20060mdk.src.rpm ORIGINAL ADVISORY: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:078 OTHER REFERENCES: SA15907: http://secunia.com/advisories/15907/ SA18704: http://secunia.com/advisories/18704/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------