Nomad559
(1000+ posts)
Send PM |
Profile |
Ignore
|
Thu Sep-22-05 04:01 PM
Original message |
Bug Gets Mozilla's ThunderBird |
|
http://www.crn.com/sections/security/security.jhtml?articleId=171100223Mozilla Corp.'s Thunderbird e-mail client for Linux suffers from the same serious vulnerability as its Firefox browser, a security firm said Thursday. The difference: Thunderbird has not been patched.
Secunia, a Danish vulnerability tracking vendor, rated the bug -- which like the one disclosed Tuesday in the Linux edition of Firefox, relates to how the software processes URLs -- as "Extremely critical," the company's most dire warning.
The bug is in Thunderbird's parsing of URLs supplied on the command line, if, for instance, a user is tricked into clicking on a "mailto:" link within a browser which uses Thunderbird as its default e-mail client (as Firefox does). Any Linux commands enclosed in backticks are executed.
Although the bug has been reported, and according to Bugzilla, Mozilla's software- and bug-management center, a fix is underway, there is as yet no official patch or updated version of Thunderbird.http://secunia.com
|
Commie Pinko Dirtbag
(1000+ posts)
Send PM |
Profile |
Ignore
|
Thu Sep-29-05 08:01 PM
Response to Original message |
1. Fixed in two days, as usual. |
|
Edited on Thu Sep-29-05 08:02 PM by Commie Pinko Dirtbag
https://bugzilla.mozilla.org/show_bug.cgi?id=307185Thank you for showing us all, yet again, how Free Software rocks.
|
DU
AdBot (1000+ posts) |
Sat May 04th 2024, 10:13 AM
Response to Original message |