mozilla thunderbird: Multiple Vulnerabilities

Users of mozilla thunderbird please be advised of a Multiple Vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

MDVSA-2010:211: [MDVSA-2010:211] mozilla-thunderbird – Multiple Issues
Problem Description:

Security issues were identified and fixed in mozilla-thunderbird:

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x

before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and

SeaMonkey before 2.0.9 does not properly set the minimum key length

for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for

remote attackers to defeat cryptographic protection mechanisms via

a brute-force attack (CVE-2010-3173).

Unspecified vulnerability in the browser engine in Mozilla Firefox

3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before

2.0.9 allows remote attackers to cause a denial of service (memory

corruption and application crash) or possibly execute arbitrary code

via unknown vectors (CVE-2010-3174, CVE-2010-3175, CVE-2010-3176).Read more at http://www.criticalwatch.com
 

Advertisements