Multiple vulnerabilities in Mozilla products

Systems Affected

• Mozilla Suite (Mozilla web browser, Mozilla Mail)
• Firefox web browser
• Thunderbird email client

Overview

By taking advantage of one or more vulnerabilities in Mozilla products, an attacker may be able to take control of your computer.

Solution

Upgrade to the latest version

Mozilla has released updated versions of the affected products. You can download the latest versions:

• Mozilla
• Firefox
• Thunderbird

Description

There are vulnerabilities in various features of Mozilla's web browsers and email clients. Some of the vulnerabilities are connected to the way the application handles URLs or images. In one instance, an attacker could cause an application to crash or could take control of your computer by convincing you to view a malicious web site or email message.

For more technical information, see US-CERT Technical Alert TA04-261A.

References

• Known Vulnerabilities in Mozilla - <http://www.mozilla.org/projects/security/known-vulnerabilities.html>
• US-CERT Technical Cyber Security Alert TA04-261A - <http://www.us-cert.gov/cas/techalerts/TA04-261A.html>

Feedback can be directed to US-CERT.

Copyright 2004 Carnegie Mellon University. Terms of use

Revision History

September 17, 2004: Initial release