---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, and seamonkey SECUNIA ADVISORY ID: SA22980 VERIFY ADVISORY: http://secunia.com/advisories/22980/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, DoS, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ SUSE Linux Enterprise Server 10 http://secunia.com/product/12192/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system. For more information: SA22722 SA22770 SOLUTION: Apply updated packages. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-1.5.0.8-0.2.i586.rpm a71ff28968946b9f5f418850fd89f040 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-1.5.0.8-0.2.i586.rpm 0670be80cb53f1812c1ec2111dc3d319 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaThunderbird-1.5.0.8-0.1.i586.rpm 582ee8d62a2265f419f3c935fd28e140 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaThunderbird-translations-1.5.0.8-0.1.i586.rpm 3a697615a0d1d91bbad17744c10d5642 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-1.0.6-0.1.i586.rpm 038fa9aa0cc125ebcabd5056ae053e3c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-calendar-1.0.6-0.1.i586.rpm 39fb09fd03477ae0b21a9465a367743e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-dom-inspector-1.0.6-0.1.i586.rpm 6e3c9353d48a8aabd5adb17abc8b8a10 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-irc-1.0.6-0.1.i586.rpm f6899d09d3d1d3e03e615a35fb33d693 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-mail-1.0.6-0.1.i586.rpm c64abb5300c18531d13095ac60197117 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-spellchecker-1.0.6-0.1.i586.rpm 6af660eae2ea7212846321fdeabc0a6c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-venkman-1.0.6-0.1.i586.rpm 1a426dc987e6d1b1cc43362d5bf49c3e SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-1.5.0.8-0.2.i586.rpm e33a435adb724a5a67e3f1a6b3170079 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-translations-1.5.0.8-0.2.i586.rpm aba89e486b5fd093403070dad154382a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaThunderbird-1.5.0.8-0.2.i586.rpm a2781cd3c5a5afdffc786fbab2520bba SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-1.5.0.8-0.1.i586.rpm f1e93cd6d77c99c1b8085955169e4f23 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-translations-1.5.0.8-0.1.i586.rpm 239863d6c69b11262007a86c5d5596c3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaThunderbird-1.5.0.8-0.1.i586.rpm 44b9e963442b7312dc26f11795022627 Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-1.5.0.8-0.2.ppc.rpm e909d7df1cb3e4540ca0302508852874 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-1.5.0.8-0.2.ppc.rpm af32635994a6bb074f6d5e5b885ee1c6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaThunderbird-1.5.0.8-0.1.ppc.rpm bf17da86409001df349ae4fbac4b668b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaThunderbird-translations-1.5.0.8-0.1.ppc.rpm f44b2d371ad12a48a989b96ed4023167 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-1.0.6-0.1.ppc.rpm 8f5947f98696c98356313ca55ac490e8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-calendar-1.0.6-0.1.ppc.rpm 752591a3c37606ae0cd0bf45a615dc79 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-dom-inspector-1.0.6-0.1.ppc.rpm 2e819c9757969f9599a5c164c3a6580b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-irc-1.0.6-0.1.ppc.rpm 4291c715903383ccc9a171e2e49ebfab ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-mail-1.0.6-0.1.ppc.rpm a19f68a00db97ae677958661c9894f8d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-spellchecker-1.0.6-0.1.ppc.rpm 31be91c974e4ba3c01439180d480d274 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-venkman-1.0.6-0.1.ppc.rpm f2d1a5caa889b38e90364a6a4a12a980 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-1.5.0.8-0.2.ppc.rpm 69f4d936a8d8f11ea0dce189ed4f7f01 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-translations-1.5.0.8-0.2.ppc.rpm a7a3bd6f9f3b4147acaf414437fcabe2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaThunderbird-1.5.0.8-0.2.ppc.rpm e6ca4b911052054a45371f41abc77a70 x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/MozillaThunderbird-1.5.0.8-0.1.x86_64.rpm f232cb857a035182ed2d521bfd55f874 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/MozillaThunderbird-translations-1.5.0.8-0.1.x86_64.rpm cdb73b01ecd43204b5790ee3bf253de0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-1.0.6-0.1.x86_64.rpm 7382f2acbf3bd3fc3aed35ca71b0d65e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-calendar-1.0.6-0.1.x86_64.rpm 17e317ec80fa07a95fdc1f113c7417df ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-dom-inspector-1.0.6-0.1.x86_64.rpm 525b092e5cc19e58e80d2f7e520cb554 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-irc-1.0.6-0.1.x86_64.rpm 7ef37cf7fd80a2b40af3bb2f7ff7c665 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-mail-1.0.6-0.1.x86_64.rpm 1705c736eeddaa6d6e4add05e727ef39 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-spellchecker-1.0.6-0.1.x86_64.rpm 0756bad0119aa9f282a70f71a4759a86 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-venkman-1.0.6-0.1.x86_64.rpm b85bfb834272d99c6050bb268c4a3149 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/MozillaThunderbird-1.5.0.8-0.2.x86_64.rpm 96513992769ceb5e0d4b90a9c2fda4de SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/MozillaThunderbird-1.5.0.8-0.1.x86_64.rpm 7cbbc19627f55155e9f7b436b4a33527 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaFirefox-1.5.0.8-0.2.src.rpm e911273b221cb088d07f0413f0e22907 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaThunderbird-1.5.0.8-0.1.src.rpm 5bf89c4adbb54a5e86fa03b3d6b4fde0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/seamonkey-1.0.6-0.1.src.rpm a2d387652f944c0cb106310ad3502b87 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-1.5.0.8-0.2.src.rpm ccdd21afb275385efd1fa5bee9ce2101 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaThunderbird-1.5.0.8-0.2.src.rpm 8216c602629777a602bd88b7aa73c5ed SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaFirefox-1.5.0.8-0.1.src.rpm bbc1be52a5618a586e50e8cd1d1d420b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaThunderbird-1.5.0.8-0.1.src.rpm e766484c7d8fb446bd53a20edbc1f0cc Novell Linux Desktop 9 SUSE SLES 10 SUSE SLED 10 http://support.novell.com/techcenter/psdb/eb29e246d47ad02c74de06d48db89df2.html ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Nov/0005.html OTHER REFERENCES: SA22722: http://secunia.com/advisories/22722/ SA22770: http://secunia.com/advisories/22770/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------