Test Kennung:	1.3.6.1.4.1.25623.1.0.57004
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200606-21 (mozilla-thunderbird)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200606-21.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200606-21. Vulnerability Insight: Several vulnerabilities in Mozilla Thunderbird allow cross site scripting, JavaScript privilege escalation and possibly execution of arbitrary code. Solution: All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-1.5.0.4' All Mozilla Thunderbird binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-1.5.0.4' Note: There is no stable fixed version for the Alpha architecture yet. Users of Mozilla Thunderbird on Alpha should consider unmerging it until such a version is available. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2775 BugTraq ID: 18228 http://www.securityfocus.com/bid/18228 Bugtraq: 20060602 rPSA-2006-0091-1 firefox thunderbird (Google Search) http://www.securityfocus.com/archive/1/435795/100/0/threaded Cert/CC Advisory: TA06-153A http://www.us-cert.gov/cas/techalerts/TA06-153A.html CERT/CC vulnerability note: VU#243153 http://www.kb.cert.org/vuls/id/243153 Debian Security Information: DSA-1118 (Google Search) http://www.debian.org/security/2006/dsa-1118 Debian Security Information: DSA-1120 (Google Search) http://www.debian.org/security/2006/dsa-1120 Debian Security Information: DSA-1134 (Google Search) http://www.debian.org/security/2006/dsa-1134 http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml HPdes Security Advisory: HPSBUX02153 http://www.securityfocus.com/archive/1/446658/100/200/threaded HPdes Security Advisory: HPSBUX02156 http://www.securityfocus.com/archive/1/446657/100/200/threaded HPdes Security Advisory: SSRT061181 HPdes Security Advisory: SSRT061236 http://www.mandriva.com/security/advisories?name=MDKSA-2006:143 http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 http://www.mandriva.com/security/advisories?name=MDKSA-2006:146 http://securitytracker.com/id?1016202 http://securitytracker.com/id?1016214 http://secunia.com/advisories/20376 http://secunia.com/advisories/20382 http://secunia.com/advisories/20561 http://secunia.com/advisories/20709 http://secunia.com/advisories/21176 http://secunia.com/advisories/21178 http://secunia.com/advisories/21183 http://secunia.com/advisories/21188 http://secunia.com/advisories/21210 http://secunia.com/advisories/21324 http://secunia.com/advisories/21532 http://secunia.com/advisories/21607 http://secunia.com/advisories/22065 http://secunia.com/advisories/22066 SuSE Security Announcement: SUSE-SA:2006:035 (Google Search) http://www.novell.com/linux/security/advisories/2006_35_mozilla.html https://usn.ubuntu.com/296-1/ https://usn.ubuntu.com/296-2/ https://usn.ubuntu.com/297-1/ https://usn.ubuntu.com/297-3/ https://usn.ubuntu.com/323-1/ http://www.vupen.com/english/advisories/2006/2106 http://www.vupen.com/english/advisories/2006/3748 http://www.vupen.com/english/advisories/2006/3749 http://www.vupen.com/english/advisories/2008/0083 XForce ISS Database: mozilla-xul-code-execution(26846) https://exchange.xforce.ibmcloud.com/vulnerabilities/26846 Common Vulnerability Exposure (CVE) ID: CVE-2006-2776 CERT/CC vulnerability note: VU#575969 http://www.kb.cert.org/vuls/id/575969 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9849 http://www.redhat.com/support/errata/RHSA-2006-0578.html http://www.redhat.com/support/errata/RHSA-2006-0594.html RedHat Security Advisories: RHSA-2006:0609 http://rhn.redhat.com/errata/RHSA-2006-0609.html http://www.redhat.com/support/errata/RHSA-2006-0610.html http://www.redhat.com/support/errata/RHSA-2006-0611.html http://secunia.com/advisories/21134 http://secunia.com/advisories/21269 http://secunia.com/advisories/21270 http://secunia.com/advisories/21336 http://secunia.com/advisories/21631 http://secunia.com/advisories/24108 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1 http://www.vupen.com/english/advisories/2007/0573 XForce ISS Database: mozilla-contentdefined-code-execution(26848) https://exchange.xforce.ibmcloud.com/vulnerabilities/26848 Common Vulnerability Exposure (CVE) ID: CVE-2006-2778 CERT/CC vulnerability note: VU#421529 http://www.kb.cert.org/vuls/id/421529 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9703 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1 http://www.vupen.com/english/advisories/2007/0058 XForce ISS Database: mozilla-crypto-signtext-bo(26849) https://exchange.xforce.ibmcloud.com/vulnerabilities/26849 Common Vulnerability Exposure (CVE) ID: CVE-2006-2779 CERT/CC vulnerability note: VU#466673 http://www.kb.cert.org/vuls/id/466673 Debian Security Information: DSA-1159 (Google Search) http://www.debian.org/security/2006/dsa-1159 Debian Security Information: DSA-1160 (Google Search) http://www.debian.org/security/2006/dsa-1160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9762 http://secunia.com/advisories/21634 http://secunia.com/advisories/21654 http://secunia.com/advisories/27216 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1 http://www.vupen.com/english/advisories/2007/3488 XForce ISS Database: mozilla-browserengine-memory-corruption(26843) https://exchange.xforce.ibmcloud.com/vulnerabilities/26843 Common Vulnerability Exposure (CVE) ID: CVE-2006-2780 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11305 Common Vulnerability Exposure (CVE) ID: CVE-2006-2781 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10247 http://secunia.com/advisories/20394 XForce ISS Database: mozilla-vcard-doublefree-memory-corruption(26850) https://exchange.xforce.ibmcloud.com/vulnerabilities/26850 Common Vulnerability Exposure (CVE) ID: CVE-2006-2783 http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10772 http://secunia.com/advisories/31074 http://secunia.com/advisories/35379 http://www.vupen.com/english/advisories/2008/2094/references http://www.vupen.com/english/advisories/2009/1522 XForce ISS Database: mozilla-bom-utf8-xss(26852) https://exchange.xforce.ibmcloud.com/vulnerabilities/26852 Common Vulnerability Exposure (CVE) ID: CVE-2006-2786 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9966 XForce ISS Database: mozilla-http-response-smuggling(26844) https://exchange.xforce.ibmcloud.com/vulnerabilities/26844 Common Vulnerability Exposure (CVE) ID: CVE-2006-2787 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9491 XForce ISS Database: mozilla-valueof-sandbox-bypass(26842) https://exchange.xforce.ibmcloud.com/vulnerabilities/26842
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.