USN-181-1: Mozilla products vulnerability

12 September 2005

mozilla, mozilla-thunderbird, mozilla-firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

Tom Ferris discovered a buffer overflow in the Mozilla products (Mozilla browser, Firefox, Thunderbird). By tricking an user to click on a Hyperlink with a specially crafted destination URL, a remote attacker could crash the application. It might even be possible to exploit this vulnerability to execute arbitrary code, but this has not yet been confirmed.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
mozilla-browser
mozilla-firefox
mozilla-thunderbird
Ubuntu 4.10
mozilla-browser
mozilla-firefox
mozilla-thunderbird

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References