FYI...
Thunderbird 31.3 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
Dec 1, 2014
Fixed in Thunderbird 31.3
- https://www.mozilla.org/en-US/securi...hunderbird31.3
2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
2014-88 Buffer overflow while parsing media content
2014-87 Use-after-free during HTML5 parsing
2014-85 XMLHttpRequest crashes with some input streams
2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download: https://www.mozilla.org/thunderbird/all.html
___
- http://www.securitytracker.com/id/1031287
CVE Reference: CVE-2014-1587, CVE-2014-1588, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593, CVE-2014-1594, CVE-2014-1595
Dec 3 2014
Impact: Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 31.3 ...
Solution: The vendor has issued a fix (31.3).