Mozilla Zaps Thunderbird Security Bugs

The Mozilla Foundation on Friday shipped a new version of its Thunderbird mail client to plug a potentially serious URL parsing security hole affecting Linux users.

The open-source group described Thunderbird 1.0.7 as a "security and stability update" that provides a comprehensive fix for the URL parsing bug that was also flagged in the Firefox browser.

That flaw, which affects Thunderbird users on Linux, has already been fixed in Firefox 1.0.7 and the Mozilla Suite 1.7.12. It could allow a malicious URL to execute shell commands with the privileges of the logged-on user.

The Foundation has earlier suggested that users avoid clicking on links in spam or other e-mails. Mozilla Zaps Thunderbird Security Bugs

Linked by shanmuga Saturday, 1st October 2005 12:19AM