US-CERT Cyber Security Alert SA08-319A -- Mozilla Updates for Multiple Vulnerabilities

National Cyber Alert System
Cyber Security Alert SA08-319A

Mozilla Updates for Multiple Vulnerabilities

Original release date: November 14, 2008
Last revised: --
Source: US-CERT

Systems Affected

Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey

Other products based on Mozilla components may also be affected.

Overview

There are several vulnerabilities that affect Mozilla Firefox, Thunderbird, and SeaMonkey.

Solution

Upgrade

These vulnerabilities are addressed in Mozilla Firefox 3.0.4, Firefox 2.0.0.18, Thunderbird 2.0.0.18, and SeaMonkey 1.1.13.

Description

There are vulnerabilities in Firefox, Thunderbird, and SeaMonkey that an attacker could exploit by convincing a user to open a malicious web page or email message. The most severe of these vulnerabilities may allow an attacker to cause your computer to crash.

More information is available in US-CERT Technical Cyber Security Alert TA08-319A.

References

Mozilla Foundation Security Advisories - <http://www.mozilla.org/security/announce/>
US-CERT Technical Cyber Security Alert TA08-319A - <http://www.us-cert.gov/cas/techalerts/TA08-319A.html>
Mozilla-Based Applications - <http://www.mozilla.org/projects/mozilla-based.html>
Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>

Feedback can be directed to US-CERT.

Produced 2008 by US-CERT, a government organization. Terms of use

Revision History

November 14, 2008: Initial release

Last updated November 14, 2008