About Ubuntu

=========================================================== Ubuntu Security Notice USN-181-1 September 12, 2005 mozilla, mozilla-thunderbird, mozilla-firefox vulnerabilities CAN-2005-2871 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: mozilla-browser mozilla-firefox mozilla-thunderbird On Ubuntu 4.10, the problem can be corrected by upgrading the affected packages to version 1.7.10-0ubuntu04.10.1 (mozilla-browser), 1.0.6-0ubuntu04.10.1 (mozilla-thunderbird), and 1.0.6-0ubuntu0.0.2 (mozilla-firefox). On Ubuntu 5.04, the problem can be corrected by upgrading the affected packages to version 1.7.10-0ubuntu05.04.1 (mozilla-browser), 1.0.6-0ubuntu05.04.1 (mozilla-thunderbird), and 1.0.6-0ubuntu0.2 (mozilla-firefox). After a standard system upgrade you need to restart all running Firefox, Mozilla, and Thunderbird instances to effect the necessary changes. Details follow: Tom Ferris discovered a buffer overflow in the Mozilla products (Mozilla browser, Firefox, Thunderbird). By tricking an user to click on a Hyperlink with a specially crafted destination URL, a remote attacker could crash the application. It might even be possible to exploit this vulnerability to execute arbitrary code, but this has not yet been confirmed.