Ubuntu Security Notice 1122-3 - USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A regression was introduced which caused Thunderbird to display an empty menu bar. This update fixes the problem. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Various other issues were also addressed
fcbe2acfdfc2dc9d4671f12b4fd20c3af797b24bac4bbc35088a7f1e63975b32
Debian Linux Security Advisory 2235-1 - Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.
004f26951b64ddf5048affa53c3e4860e72e310acb89923d1677e2def604574d
Ubuntu Security Notice 1122-2 - USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick. This update provides the corresponding fixes for Natty. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Multiple other vulnerabilities were also addressed.
ed069d3b5e33561496691a93fcacfaa216af0053b89c9815c07159b843b01c7d
Ubuntu Security Notice 1122-1 - It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Multiple other vulnerabilities were also addressed.
3003590628e9612fcefacccee2790941e0c013352e03bd3c1f72ab35dfbc7ca4
Debian Linux Security Advisory 2228-1 - Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox.
078486b1e8f5b88faea2f516d6b56bfc112bf90d660d1a22609bc809f5526969
Mandriva Linux Security Advisory 2011-080 - Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
139b2895ed6cec38a7cbd37a984d8efc5c45dd3312146e5b19d564d7762e49c2
Debian Linux Security Advisory 2227-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
cd32b5302d6b4adfe7810b2d9e4975f20501c8da8a4d10b526805c5c18636305
Mandriva Linux Security Advisory 2011-079 - Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. Various other issues were also addressed.
1c95ea9cdefc67e8ee438446205a5ef410e3cfc12f3fd1aea55221701e09723d
Ubuntu Security Notice 1121-1 - Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek discovered multiple memory vulnerabilities. An attacker could exploit these to possibly run arbitrary code as the user running Firefox. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. Chris Evans discovered a vulnerability in Firefox's XSLT generate-id() function. An attacker could possibly use this vulnerability to make other attacks more reliable.
0b43ad1f134723fd278888daf7e615fb85bcf6536d2409c43251b5e82195fe61
Ubuntu Security Notice 1112-1 - Multiple vulnerabilities have been identified and fixed in Firefox. It was discovered that there was a vulnerability in the memory handling of certain types of content. It was discovered that Firefox incorrectly handled certain JavaScript requests. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. Various other issues were also addressed.
11059296a4b90b8dea1f0da2aba7f9a9c45481614b445a52cac0efc190a17503