MDVSA-2011:042

Executive Summary

Informations
Name	MDVSA-2011:042	First vendor Publication	2011-03-07
Vendor	Mandriva	Last vendor Modification	2011-03-07
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Security issues were identified and fixed in mozilla-thunderbird:

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-0053).

Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image (CVE-2011-0061).

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-0062).

The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element (CVE-2010-1585).

Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490

Additionally, some packages which require so, have been rebuilt and are being provided as updates.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:042

CWE : Common Weakness Enumeration

id	Name
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12532

Oval ID:	oval:org.mitre.oval:def:12532
Title:	Remote code execution vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 through ParanoidFragmentSink protection mechanism
Description:	The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-1585	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey
Definition Synopsis:
Check for vulnerable versions for Mozilla Firefox Mozilla Firefox is installed AND Check if Mozilla Firefox version is before 3.5.17 or 3.6.x before 3.6.14 OR Check for vulnerable versions for Mozilla SeaMonkey Mozilla Seamonkey is installed AND Check for Mozilla SeaMonkey version less than 2.0 and 2.0.x before 2.0.11 Mozilla Seamonkey before 2.0 is installed AND Check if Mozilla SeaMonkey version is before 2.0.12 OR Check for vulnerable versions for Mozilla Thunderbird Mozilla Thunderbird is installed AND Check if Mozilla Thunderbird version is before 3.1.8

Definition Id: oval:org.mitre.oval:def:14379

Oval ID:	oval:org.mitre.oval:def:14379
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0053	Version:	5
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Thunderbird Mozilla Firefox Mozilla Seamonkey
Definition Synopsis:
Determine if the version of Mozilla Thunderbird is less than or equal to 1.7.3 and is greater than or equal to 1.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 1.7.3 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 1.0 OR Determine if the version of Mozilla Firefox is less than or equal to 1.5 and is greater than or equal to 1.0 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 1.5 AND Determine if the version of Mozilla Firefox is greater than or equal to 1.0 OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 and is greater than or equal to 3.0 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 AND Determine if the version of Mozilla Firefox is greater than or equal to 3.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.7 and is greater than or equal to 3.0.1 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 3.1.7 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 3.0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 and is greater than or equal to 0.1 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 and is greater than or equal to 2.0.0.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 2.0.0.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1 OR Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 and is greater than or equal to 2.0.0.1 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 2.0.0.20 AND Determine if the version of Mozilla Firefox is greater than or equal to 2.0.0.1

Definition Id: oval:org.mitre.oval:def:14486

Oval ID:	oval:org.mitre.oval:def:14486
Title:	Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
Description:	Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0061	Version:	5
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Seamonkey Mozilla Thunderbird Mozilla Firefox
Definition Synopsis:
Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1 OR Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 and is greater than or equal to 2.0.1 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 2.0.11 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 2.0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 1.7.3 and is greater than or equal to 1.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 1.7.3 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 1.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 and is greater than or equal to 1.0 Mozilla Seamonkey is installed AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.5.0.10 AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0 OR Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 and is greater than or equal to 3.6.2 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 AND Determine if the version of Mozilla Firefox is greater than or equal to 3.6.2 OR Determine if the version of Mozilla Thunderbird is less than or equal to 3.1 and is greater than or equal to 3.0.1 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 3.1 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 3.0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 and is greater than or equal to 0.1 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1 OR Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 and is greater than or equal to 2.0.0.0 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 AND Determine if the version of Mozilla Thunderbird is greater than or equal to 2.0.0.0

Definition Id: oval:org.mitre.oval:def:14409

Oval ID:	oval:org.mitre.oval:def:14409
Title:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description:	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0062	Version:	5
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Mozilla Firefox Mozilla Thunderbird
Definition Synopsis:
Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 and is greater than or equal to 3.6.2 Mozilla Firefox is installed AND Determine if the version of Mozilla Firefox is less than or equal to 3.6.13 AND Determine if the version of Mozilla Firefox is greater than or equal to 3.6.2 OR Determine if the version of Mozilla Thunderbird is equal to 3.1 Mozilla Thunderbird is installed AND Determine if the version of Mozilla Thunderbird is equal to 3.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Mozilla Firefox cpe:/a:mozilla:firefox:3.6.9 cpe:/a:mozilla:firefox:3.6.8 cpe:/a:mozilla:firefox:3.6.7 cpe:/a:mozilla:firefox:3.6.6 cpe:/a:mozilla:firefox:3.6.4 cpe:/a:mozilla:firefox:3.6.3 cpe:/a:mozilla:firefox:3.6.2 cpe:/a:mozilla:firefox:3.6.13 cpe:/a:mozilla:firefox:3.6.12 cpe:/a:mozilla:firefox:3.6.11 cpe:/a:mozilla:firefox:3.6.10 cpe:/a:mozilla:firefox:3.6 cpe:/a:mozilla:firefox:3.5.9 cpe:/a:mozilla:firefox:3.5.8 cpe:/a:mozilla:firefox:3.5.7 cpe:/a:mozilla:firefox:3.5.6 cpe:/a:mozilla:firefox:3.5.5 cpe:/a:mozilla:firefox:3.5.4 cpe:/a:mozilla:firefox:3.5.3 cpe:/a:mozilla:firefox:3.5.2 cpe:/a:mozilla:firefox:3.5.16 cpe:/a:mozilla:firefox:3.5.15 cpe:/a:mozilla:firefox:3.5.14 cpe:/a:mozilla:firefox:3.5.13 cpe:/a:mozilla:firefox:3.5.12 cpe:/a:mozilla:firefox:3.5.11 cpe:/a:mozilla:firefox:3.5.10 cpe:/a:mozilla:firefox:3.5.1 cpe:/a:mozilla:firefox:3.5 cpe:/a:mozilla:firefox:3.0.9 cpe:/a:mozilla:firefox:3.0.8 cpe:/a:mozilla:firefox:3.0.7 cpe:/a:mozilla:firefox:3.0.6 cpe:/a:mozilla:firefox:3.0.5 cpe:/a:mozilla:firefox:3.0.4 cpe:/a:mozilla:firefox:3.0.3 cpe:/a:mozilla:firefox:3.0.2 cpe:/a:mozilla:firefox:3.0.17 cpe:/a:mozilla:firefox:3.0.16 cpe:/a:mozilla:firefox:3.0.15 cpe:/a:mozilla:firefox:3.0.14 cpe:/a:mozilla:firefox:3.0.13 cpe:/a:mozilla:firefox:3.0.12 cpe:/a:mozilla:firefox:3.0.11 cpe:/a:mozilla:firefox:3.0.10 cpe:/a:mozilla:firefox:3.0.1 cpe:/a:mozilla:firefox:3.0 cpe:/a:mozilla:firefox:2.0.0.9 cpe:/a:mozilla:firefox:2.0.0.8 cpe:/a:mozilla:firefox:2.0.0.7 cpe:/a:mozilla:firefox:2.0.0.6 cpe:/a:mozilla:firefox:2.0.0.5 cpe:/a:mozilla:firefox:2.0.0.4 cpe:/a:mozilla:firefox:2.0.0.3 cpe:/a:mozilla:firefox:2.0.0.20 cpe:/a:mozilla:firefox:2.0.0.2 cpe:/a:mozilla:firefox:2.0.0.19 cpe:/a:mozilla:firefox:2.0.0.18 cpe:/a:mozilla:firefox:2.0.0.17 cpe:/a:mozilla:firefox:2.0.0.16 cpe:/a:mozilla:firefox:2.0.0.15 cpe:/a:mozilla:firefox:2.0.0.14 cpe:/a:mozilla:firefox:2.0.0.13 cpe:/a:mozilla:firefox:2.0.0.12 cpe:/a:mozilla:firefox:2.0.0.11 cpe:/a:mozilla:firefox:2.0.0.10 cpe:/a:mozilla:firefox:2.0.0.1 cpe:/a:mozilla:firefox:2.0 cpe:/a:mozilla:firefox:1.5.8 cpe:/a:mozilla:firefox:1.5.7 cpe:/a:mozilla:firefox:1.5.6 cpe:/a:mozilla:firefox:1.5.5 cpe:/a:mozilla:firefox:1.5.4 cpe:/a:mozilla:firefox:1.5.3 cpe:/a:mozilla:firefox:1.5.2 cpe:/a:mozilla:firefox:1.5.1 cpe:/a:mozilla:firefox:1.5.0.9 cpe:/a:mozilla:firefox:1.5.0.8 cpe:/a:mozilla:firefox:1.5.0.7 cpe:/a:mozilla:firefox:1.5.0.6 cpe:/a:mozilla:firefox:1.5.0.5 cpe:/a:mozilla:firefox:1.5.0.4 cpe:/a:mozilla:firefox:1.5.0.3 cpe:/a:mozilla:firefox:1.5.0.2 cpe:/a:mozilla:firefox:1.5.0.12 cpe:/a:mozilla:firefox:1.5.0.11 cpe:/a:mozilla:firefox:1.5.0.10 cpe:/a:mozilla:firefox:1.5.0.1 cpe:/a:mozilla:firefox:1.5:beta1 cpe:/a:mozilla:firefox:1.5:beta2 cpe:/a:mozilla:firefox:1.5 cpe:/a:mozilla:firefox:1.0.8 cpe:/a:mozilla:firefox:1.0.7 cpe:/a:mozilla:firefox:1.0.6 cpe:/a:mozilla:firefox:1.0.5 cpe:/a:mozilla:firefox:1.0.4 cpe:/a:mozilla:firefox:1.0.3 cpe:/a:mozilla:firefox:1.0.2 cpe:/a:mozilla:firefox:1.0.1 cpe:/a:mozilla:firefox:1.0:preview_release cpe:/a:mozilla:firefox:1.0	101
Application	Mozilla Seamonkey cpe:/a:mozilla:seamonkey:2.0.9 cpe:/a:mozilla:seamonkey:2.0.8 cpe:/a:mozilla:seamonkey:2.0.7 cpe:/a:mozilla:seamonkey:2.0.6 cpe:/a:mozilla:seamonkey:2.0.5 cpe:/a:mozilla:seamonkey:2.0.4 cpe:/a:mozilla:seamonkey:2.0.3 cpe:/a:mozilla:seamonkey:2.0.2 cpe:/a:mozilla:seamonkey:2.0.11 cpe:/a:mozilla:seamonkey:2.0.10 cpe:/a:mozilla:seamonkey:2.0.1 cpe:/a:mozilla:seamonkey:2.0:alpha_2 cpe:/a:mozilla:seamonkey:2.0:alpha_1 cpe:/a:mozilla:seamonkey:2.0 cpe:/a:mozilla:seamonkey:2.0:rc2 cpe:/a:mozilla:seamonkey:2.0:alpha_3 cpe:/a:mozilla:seamonkey:2.0:rc1 cpe:/a:mozilla:seamonkey:2.0:beta_2 cpe:/a:mozilla:seamonkey:2.0:beta_1 cpe:/a:mozilla:seamonkey:1.5.0.9 cpe:/a:mozilla:seamonkey:1.5.0.8 cpe:/a:mozilla:seamonkey:1.5.0.10 cpe:/a:mozilla:seamonkey:1.1.9 cpe:/a:mozilla:seamonkey:1.1.8 cpe:/a:mozilla:seamonkey:1.1.7 cpe:/a:mozilla:seamonkey:1.1.6 cpe:/a:mozilla:seamonkey:1.1.5 cpe:/a:mozilla:seamonkey:1.1.4 cpe:/a:mozilla:seamonkey:1.1.3 cpe:/a:mozilla:seamonkey:1.1.2 cpe:/a:mozilla:seamonkey:1.1.19 cpe:/a:mozilla:seamonkey:1.1.18 cpe:/a:mozilla:seamonkey:1.1.17 cpe:/a:mozilla:seamonkey:1.1.16 cpe:/a:mozilla:seamonkey:1.1.15 cpe:/a:mozilla:seamonkey:1.1.14 cpe:/a:mozilla:seamonkey:1.1.13 cpe:/a:mozilla:seamonkey:1.1.12 cpe:/a:mozilla:seamonkey:1.1.11 cpe:/a:mozilla:seamonkey:1.1.10 cpe:/a:mozilla:seamonkey:1.1.1 cpe:/a:mozilla:seamonkey:1.1:alpha cpe:/a:mozilla:seamonkey:1.1:beta cpe:/a:mozilla:seamonkey:1.1 cpe:/a:mozilla:seamonkey:1.0.9 cpe:/a:mozilla:seamonkey:1.0.8 cpe:/a:mozilla:seamonkey:1.0.7 cpe:/a:mozilla:seamonkey:1.0.6 cpe:/a:mozilla:seamonkey:1.0.5 cpe:/a:mozilla:seamonkey:1.0.4 cpe:/a:mozilla:seamonkey:1.0.3 cpe:/a:mozilla:seamonkey:1.0.2 cpe:/a:mozilla:seamonkey:1.0.1 cpe:/a:mozilla:seamonkey:1.0:alpha cpe:/a:mozilla:seamonkey:1.0 cpe:/a:mozilla:seamonkey:1.0:beta	56
Application	Mozilla Thunderbird cpe:/a:mozilla:thunderbird:3.1.7 cpe:/a:mozilla:thunderbird:3.1.6 cpe:/a:mozilla:thunderbird:3.1.5 cpe:/a:mozilla:thunderbird:3.1.4 cpe:/a:mozilla:thunderbird:3.1.3 cpe:/a:mozilla:thunderbird:3.1.2 cpe:/a:mozilla:thunderbird:3.1.1 cpe:/a:mozilla:thunderbird:3.1 cpe:/a:mozilla:thunderbird:3.0.9 cpe:/a:mozilla:thunderbird:3.0.8 cpe:/a:mozilla:thunderbird:3.0.7 cpe:/a:mozilla:thunderbird:3.0.6 cpe:/a:mozilla:thunderbird:3.0.5 cpe:/a:mozilla:thunderbird:3.0.4 cpe:/a:mozilla:thunderbird:3.0.3 cpe:/a:mozilla:thunderbird:3.0.2 cpe:/a:mozilla:thunderbird:3.0.11 cpe:/a:mozilla:thunderbird:3.0.10 cpe:/a:mozilla:thunderbird:3.0.1 cpe:/a:mozilla:thunderbird:3.0 cpe:/a:mozilla:thunderbird:2.0.0.9 cpe:/a:mozilla:thunderbird:2.0.0.8 cpe:/a:mozilla:thunderbird:2.0.0.7 cpe:/a:mozilla:thunderbird:2.0.0.6 cpe:/a:mozilla:thunderbird:2.0.0.5 cpe:/a:mozilla:thunderbird:2.0.0.4 cpe:/a:mozilla:thunderbird:2.0.0.3 cpe:/a:mozilla:thunderbird:2.0.0.23 cpe:/a:mozilla:thunderbird:2.0.0.22 cpe:/a:mozilla:thunderbird:2.0.0.21 cpe:/a:mozilla:thunderbird:2.0.0.2 cpe:/a:mozilla:thunderbird:2.0.0.19 cpe:/a:mozilla:thunderbird:2.0.0.18 cpe:/a:mozilla:thunderbird:2.0.0.17 cpe:/a:mozilla:thunderbird:2.0.0.16 cpe:/a:mozilla:thunderbird:2.0.0.14 cpe:/a:mozilla:thunderbird:2.0.0.12 cpe:/a:mozilla:thunderbird:2.0.0.1 cpe:/a:mozilla:thunderbird:2.0.0.0 cpe:/a:mozilla:thunderbird:2.0 cpe:/a:mozilla:thunderbird:1.7.3 cpe:/a:mozilla:thunderbird:1.7.1 cpe:/a:mozilla:thunderbird:1.5.2 cpe:/a:mozilla:thunderbird:1.5.1 cpe:/a:mozilla:thunderbird:1.5.0.9 cpe:/a:mozilla:thunderbird:1.5.0.8 cpe:/a:mozilla:thunderbird:1.5.0.7 cpe:/a:mozilla:thunderbird:1.5.0.6 cpe:/a:mozilla:thunderbird:1.5.0.5 cpe:/a:mozilla:thunderbird:1.5.0.4 cpe:/a:mozilla:thunderbird:1.5.0.3 cpe:/a:mozilla:thunderbird:1.5.0.2 cpe:/a:mozilla:thunderbird:1.5.0.14 cpe:/a:mozilla:thunderbird:1.5.0.13 cpe:/a:mozilla:thunderbird:1.5.0.12 cpe:/a:mozilla:thunderbird:1.5.0.11 cpe:/a:mozilla:thunderbird:1.5.0.10 cpe:/a:mozilla:thunderbird:1.5.0.1 cpe:/a:mozilla:thunderbird:1.5:beta2 cpe:/a:mozilla:thunderbird:1.5 cpe:/a:mozilla:thunderbird:1.0.8 cpe:/a:mozilla:thunderbird:1.0.7 cpe:/a:mozilla:thunderbird:1.0.6 cpe:/a:mozilla:thunderbird:1.0.5 cpe:/a:mozilla:thunderbird:1.0.4 cpe:/a:mozilla:thunderbird:1.0.3 cpe:/a:mozilla:thunderbird:1.0.2 cpe:/a:mozilla:thunderbird:1.0.1 cpe:/a:mozilla:thunderbird:1.0 cpe:/a:mozilla:thunderbird:0.9 cpe:/a:mozilla:thunderbird:0.8 cpe:/a:mozilla:thunderbird:0.7.3 cpe:/a:mozilla:thunderbird:0.7.2 cpe:/a:mozilla:thunderbird:0.7.1 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.6 cpe:/a:mozilla:thunderbird:0.5 cpe:/a:mozilla:thunderbird:0.4 cpe:/a:mozilla:thunderbird:0.3 cpe:/a:mozilla:thunderbird:0.2 cpe:/a:mozilla:thunderbird:0.1	81

Open Source Vulnerability Database (OSVDB)

id	Description
72466	Mozilla Multiple Products JPEG Image Decoding Overflow
72465	Mozilla Multiple Products ParanoidFragmentSink nsIScriptableUnescapeHTML.pars...
72454	Mozilla Multiple Products JSObject::dropProperty Memory Corruption
72449	Mozilla Multiple Products jstracer.cpp TraceRecorder::box_jsval() Function Me...
72448	Mozilla Multiple Products nsUTF8ToUnicode Buffer Overrun Memory Corruption
72447	Mozilla Multiple Products nsEUCJPToUnicodeV2::Convert Buffer Writing Memory C...
72446	Mozilla Multiple Products AddRef() nsNPAPIPluginInstance::mOwner Deleted Obje...
72445	Mozilla Multiple Products js/src/xpconnect/src/xpcwrappednative.cpp Incorrect...
72444	Mozilla Multiple Products nsSHTransaction::GetPrev Memory Corruption DoS
72443	Mozilla Multiple Products Valgrind Testcase Invalid Read / Write Memory Corru...
72442	Mozilla Multiple Products abs.pos. Continuations Style Context Memory Corruption
72441	Mozilla Multiple Products v_ins->isF64() /jstracer.cpp:9347 Assertion Failure...
72440	Mozilla Multiple Products popTemplateRule Call txExecutionState.init Memory C...
72439	Mozilla Multiple Products GC / OOM Reporting Title Lock Function Allocation M...
72438	Mozilla Multiple Products nsXULTemplateBuilder/nsXULTemplateQueryProcessorXML...
72437	Mozilla Multiple Products jsapi.cpp JS_ResolveStandardClass String.prototype ...
64150	Mozilla Firefox nsIScriptableUnescapeHTML.parseFragment Method Multiple Eleme...