Test Kennung:	1.3.6.1.4.1.25623.1.0.56512
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: thunderbird, mozilla-thunderbird
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: thunderbird mozilla-thunderbird CVE-2006-0884 The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier allows user-complicit attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0884 BugTraq ID: 16770 http://www.securityfocus.com/bid/16770 Bugtraq: 20060222 Mozilla Thunderbird : Remote Code Execution & Denial of Service (Google Search) http://www.securityfocus.com/archive/1/425786/100/0/threaded Debian Security Information: DSA-1046 (Google Search) http://www.debian.org/security/2006/dsa-1046 Debian Security Information: DSA-1051 (Google Search) http://www.debian.org/security/2006/dsa-1051 http://www.securityfocus.com/archive/1/436296/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml HPdes Security Advisory: HPSBUX02122 http://www.securityfocus.com/archive/1/438730/100/0/threaded HPdes Security Advisory: HPSBUX02156 http://www.securityfocus.com/archive/1/446657/100/200/threaded HPdes Security Advisory: SSRT061158 HPdes Security Advisory: SSRT061236 http://www.mandriva.com/security/advisories?name=MDKSA-2006:052 http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 http://www.mandriva.com/security/advisories?name=MDKSA-2006:078 http://www.osvdb.org/23653 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2024 http://www.redhat.com/support/errata/RHSA-2006-0329.html http://www.redhat.com/support/errata/RHSA-2006-0330.html SCO Security Bulletin: SCOSA-2006.26 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt http://securitytracker.com/id?1015665 http://secunia.com/advisories/19721 http://secunia.com/advisories/19811 http://secunia.com/advisories/19821 http://secunia.com/advisories/19823 http://secunia.com/advisories/19863 http://secunia.com/advisories/19902 http://secunia.com/advisories/19941 http://secunia.com/advisories/19950 http://secunia.com/advisories/20051 http://secunia.com/advisories/21033 http://secunia.com/advisories/21622 http://secunia.com/advisories/22065 SGI Security Advisory: 20060404-01-U ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 SuSE Security Announcement: SUSE-SA:2006:021 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html SuSE Security Announcement: SUSE-SA:2006:022 (Google Search) http://www.novell.com/linux/security/advisories/2006_04_25.html https://usn.ubuntu.com/276-1/ http://www.vupen.com/english/advisories/2006/3749 XForce ISS Database: mozilla-inline-fwd-code-execution(25983) https://exchange.xforce.ibmcloud.com/vulnerabilities/25983
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.