FYI...
Thunderbird v24.3.0 released
- http://www.securitytracker.com/id/1029721
CVE Reference: CVE-2014-1477, CVE-2014-1478, CVE-2014-1479, CVE-2014-1481, CVE-2014-1482, CVE-2014-1486, CVE-2014-1487, CVE-2014-1490, CVE-2014-1491
Feb 5 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 24.3 ...
Solution: The vendor has issued a fix (24.3)...
- https://www.mozilla.org/en-US/thunderbird
Release Notes
- https://www.mozilla.org/en-US/thunde.../releasenotes/
Security Advisories
- https://www.mozilla.org/security/kno...hunderbird24.3
MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects
MFSA 2014-12 NSS ticket handling issues
MFSA 2014-09 Cross-origin information leak through web workers
MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing
MFSA 2014-04 Incorrect use of discarded images by RasterImage
MFSA 2014-02 Clone protected content with XBL scopes
MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download: https://www.mozilla.org/thunderbird/all.html