- Home
- CVEs with nessus.description==Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062)
Several flaws were found in the way malformed HTML mail content was displayed. An HTML mail message containing specially crafted content could potentially trick a Thunderbird user into surrendering sensitive information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068)
A flaw was found in Thunderbird that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066)
Note: JavaScript support is disabled by default in Thunderbird; the above issue is not exploitable unless JavaScript is enabled.
A heap based buffer overflow flaw was found in the handling of cancelled newsgroup messages. If the user cancels a specially crafted newsgroup message it could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird.
(CVE-2008-4070)
Note2: On SL4 this updates fixes the bug that when a URL link is clicked, firefox wouldn't start. Firefox now starts when a URL link is clicked.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top