Bug 19748

Summary: множественные уязвимости, MSFA 2009-14,16-19
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: thunderbirdAssignee: Ajrat Makhmutov <rauty>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: rauty
Version: unstable   
Hardware: all   
OS: Linux   
URL: http://secunia.com/advisories/34780/

Description Vladimir Lettiev 2009-04-24 01:41:00 MSD 
Обнаружены множественные уязвимости в ветке 2.x:
MFSA 2009-19  Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme
MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI
MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)

Официальное исправление пока ещё не вышло.
Comment 1 Alexey Gladkov 2009-04-27 10:23:21 MSD 
Исправлено в сизифе.
Comment 2 Vladimir Lettiev 2009-04-28 19:47:54 MSD 
ok