CVE-2005-2353

Publication date 5 August 2005

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Description

run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

Status

Package Ubuntu Release Status
firefox 7.04 feisty
Fixed 2.0.0.6+1-0ubuntu1
6.10 edgy
Fixed 2.0.0.6+0dfsg-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
firefox-granparadiso 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
lightning-sunbird 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
midbrowser 7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
mozilla-thunderbird 7.04 feisty
Fixed 1.5.0.13-0ubuntu0.7.04
6.10 edgy
Fixed 1.5.0.13-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.0.13-0ubuntu0.6.06
xulrunner 7.04 feisty
Fixed 1.8.0.5-4.2
6.10 edgy
Fixed 1.8.0.5-4.2
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-157-1
    • Mozilla Thunderbird vulnerabilities
    • 1 August 2005

Other references