Published: 2008-11-16T23:42+00:00
Last Updated: 2008-11-23T04:23+00:00
TRTA08-319A
Mozilla Updates for Multiple Vulnerabilities
Overview
New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
Event Information
| Date (UTC) | Description |
| 2008-11-19 |
Mozilla Mozilla Thunderbird 2.0.0.18 Release |
| 2008-11-18 |
www.scary.beasts.org CESA-2008-010: Firefox XML injection into parse of remote XML Parsing error in E4X default namespace (CVE-2008-5024) The public disclosure of the vulnerability by the reporter. |
| 2008-11-17 |
www.scary.beasts.org CESA-2008-009: Firefox 2 and WebKit nightly cross-domain image theft Cross-domain Vulnerability (CVE-2008-5012) The public disclosure of the vulnerability by the reporter. |
| 2008-11-14 20:01 |
US-CERT TA08-319A: Mozilla Updates for Multiple Vulnerabilities Via US-CERT Mailing List New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system. |
| 2008-11-13 12:34 |
US-CERT Mozilla Releases Updates to Address Vulnerabilities in Multiple Products US-CERT Current Activity Mozilla has released Firefox 2.0.0.18, Firefox 3.0.4, and SeaMonkey 1.1.13 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, security bypass, cross-site scripting, denial of service, and information disclosure. As described in the Mozilla Foundation security advisories, some of these vulnerabilities may also affect Thunderbird. |
| 2008-11-13 03:32 |
SANS Internet Storm Center New Firefoxen and Seamonkey out (Version: 2) New versions of FIrefox 2 & 3 were released this evening. Firefox 2.0.0.18 fixes 11 security vulnerabilities 6 of them critical including 2 remote code executions. Firefox 3.0.4 fixes 9 security vulnerabilities, 4 of them critical including remote code execution. |
| 2008-11-13 |
IBM Internet Security Systems Mozilla Unchecked Allocation Remote Code Execution http-index-format parser Vulnerability (CVE-2008-0017) Mozilla Firefox and Mozilla SeaMonkey are vulnerable to remote code execution by enticing a user to click on a malicious URL. |
| 2008-11-12 |
Mozilla Mozilla Firefox 3.0.4 Release |
| 2008-11-12 |
Mozilla SeaMonkey 1.1.13 Release |
| 2008-11-12 |
Mozilla Mozilla Firefox 2.0.0.18 Release |