rPath Security Advisory: 2006-0206-1 Published: 2006-11-09 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote User Deterministic Unauthorized Access Updated Versions: firefox=/conary.rpath.com@rpl:devel//1/1.5.0.8-0.1-1 thunderbird=/conary.rpath.com@rpl:devel//1/1.5.0.8-0.1-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748 https://issues.rpath.com/browse/RPL-765 Description: Previous versions of the firefox and thunderbird packages are vulnerable to multiple attacks. One vulnerability is in page rendering, and the remaining three vulnerabilities are in JavaScript. (JavaScript vulnerabilities do not affect thunderbird in the default, recommended configuration of not enabling JavaScript.)