mozilla-thunderbird - several vulnerabilities

Several security related problems have been discovered in Mozilla
which are also present in Mozilla Thunderbird. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities:

• CVE-2006-1942
  Eric Foley discovered that a user can be tricked to expose a local
  file to a remote attacker by displaying a local file as image in
  connection with other vulnerabilities. [MFSA-2006-39]
• CVE-2006-2775
  XUL attributes are associated with the wrong URL under certain
  circumstances, which might allow remote attackers to bypass
  restrictions. [MFSA-2006-35]
• CVE-2006-2776
  Paul Nickerson discovered that content-defined setters on an
  object prototype were getting called by privileged user interface
  code, and “moz_bug_r_a4” demonstrated that the higher privilege
  level could be passed along to the content-defined attack code.
  [MFSA-2006-37]
• CVE-2006-2777
  A vulnerability allows remote attackers to execute arbitrary code
  and create notifications that are executed in a privileged
  context. [MFSA-2006-43]
• CVE-2006-2778
  Mikolaj Habryn discovered a buffer overflow in the crypto.signText function
  that allows remote attackers to execute arbitrary code via certain
  optional Certificate Authority name arguments. [MFSA-2006-38]
• CVE-2006-2779
  Mozilla team members discovered several crashes during testing of
  the browser engine showing evidence of memory corruption which may
  also lead to the execution of arbitrary code. This problem has
  only partially been corrected. [MFSA-2006-32]
• CVE-2006-2780
  An integer overflow allows remote attackers to cause a denial of
  service and may permit the execution of arbitrary code.
  [MFSA-2006-32]
• CVE-2006-2781
  Masatoshi Kimura discovered a double-free vulnerability that
  allows remote attackers to cause a denial of service and possibly
  execute arbitrary code via a VCard. [MFSA-2006-40]
• CVE-2006-2782
  Chuck McAuley discovered that a text input box can be pre-filled
  with a filename and then turned into a file-upload control,
  allowing a malicious website to steal any local file whose name
  they can guess. [MFSA-2006-41, MFSA-2006-23, CVE-2006-1729]
• CVE-2006-2783
  Masatoshi Kimura discovered that the Unicode Byte-order-Mark (BOM)
  is stripped from UTF-8 pages during the conversion to Unicode
  before the parser sees the web page, which allows remote attackers
  to conduct cross-site scripting (XSS) attacks. [MFSA-2006-42]
• CVE-2006-2784
  Paul Nickerson discovered that the fix for CVE-2005-0752 can be
  bypassed using nested javascript: URLs, allowing the attacker to
  execute privileged code. [MFSA-2005-34, MFSA-2006-36]
• CVE-2006-2785
  Paul Nickerson demonstrated that if an attacker could convince a
  user to right-click on a broken image and choose “View Image” from
  the context menu then he could get JavaScript to
  run. [MFSA-2006-34]
• CVE-2006-2786
  Kazuho Oku discovered that Mozilla’s lenient handling of HTTP
  header syntax may allow remote attackers to trick the browser to
  interpret certain responses as if they were responses from two
  different sites. [MFSA-2006-33]
• CVE-2006-2787
  The Mozilla researcher “moz_bug_r_a4” discovered that JavaScript
  run via EvalInSandbox can escape the sandbox and gain elevated
  privilege. [MFSA-2006-31]

For the stable distribution (sarge) these problems have been fixed in
version 1.0.2-2.sarge1.0.8a.

For the unstable distribution (sid) these problems have been fixed in
version 1.5.0.4-1 and xulrunner 1.5.0.4-1 for galeon and epiphany.

We recommend that you upgrade your Mozilla Thunderbird packages.