Peter Winter-Smith of NGSSoftware has reported a vulnerability in WinRAR, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the "Repair Archive" feature.
Successful exploitation requires that a user is tricked into using the "Repair Archive" feature on a specially crafted archive file.
The vulnerability has been reported in versions 3.40 and prior.
Solution: Update to version 3.41.
Mozilla / Thunderbird Valid Email Address Enumeration Weakness
Exposure of system information
Mozilla Thunderbird 0.x
plonk has discovered a weakness in Mozilla and Thunderbird, which can
be exploited by malicious people to enumerate valid email addresses.
The weakness is caused due to an improper behaviour where references
to external stylesheets in HTML documents are followed. This can be
exploited to validate the existence of an mail address when a
malicious mail is opened.
The weakness has been confirmed in Mozilla 1.7.3 and Thunderbird 0.8.
Other versions may also be affected.
If this is considered a problem, then disable HTML support in
"View" --> "Message Body As" --> "Plain Text"
PROVIDED AND/OR DISCOVERED BY: