US-CERT Cyber Security Alert SA04-261A -- Multiple vulnerabilities in Mozilla products

National Cyber Alert System

Cyber Security Alert SA04-261A

Multiple vulnerabilities in Mozilla products

Original release date: September 17, 2004
Last revised: --
Source: US-CERT

Systems Affected

Mozilla Suite (Mozilla web browser, Mozilla Mail)
Firefox web browser
Thunderbird email client

Overview

By taking advantage of one or more vulnerabilities in Mozilla products, an attacker may be able to take control of your computer.

Solution

Upgrade to the latest version

Mozilla has released updated versions of the affected products. You can download the latest versions:

Mozilla

Firefox

Thunderbird

Description

There are vulnerabilities in various features of Mozilla's web browsers and email clients. Some of the vulnerabilities are connected to the way the application handles URLs or images. In one instance, an attacker could cause an application to crash or could take control of your computer by convincing you to view a malicious web site or email message.

For more technical information, see US-CERT Technical Alert TA04-261A.

References

Known Vulnerabilities in Mozilla - <http://www.mozilla.org/projects/security/known-vulnerabilities.html>
US-CERT Technical Cyber Security Alert TA04-261A - <http://www.us-cert.gov/cas/techalerts/TA04-261A.html>

Feedback can be directed to US-CERT.

Revision History

September 17, 2004: Initial release

Last updated February 11, 2008

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting