Test Kennung:	1.3.6.1.4.1.25623.1.0.61884
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2008:0976
Zusammenfassung:	Redhat Security Advisory RHSA-2008:0976
Beschreibung:	The remote host is missing updates announced in advisory RHSA-2008:0976. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5021) Several flaws were found in the way malformed HTML mail content was processed. An HTML mail message containing specially-crafted content could potentially trick a Thunderbird user into surrendering sensitive information. (CVE-2008-5012, CVE-2008-5022, CVE-2008-5024) All Thunderbird users should upgrade to these updated packages, which resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0976.html Risk factor : Critical
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5014 https://bugzilla.mozilla.org/show_bug.cgi?id=436741 Debian Security Information: DSA-1669 (Google Search) http://www.debian.org/security/2008/dsa-1669 Debian Security Information: DSA-1671 (Google Search) http://www.debian.org/security/2008/dsa-1671 Debian Security Information: DSA-1697 (Google Search) http://www.debian.org/security/2009/dsa-1697 Debian Security Information: DSA-1696 (Google Search) http://www.debian.org/security/2009/dsa-1696 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 http://www.mandriva.com/security/advisories?name=MDVSA-2008:235 http://www.mandriva.com/security/advisories?name=MDVSA-2008:230 http://www.redhat.com/support/errata/RHSA-2008-0977.html http://www.redhat.com/support/errata/RHSA-2008-0978.html http://www.redhat.com/support/errata/RHSA-2008-0976.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 SuSE Security Announcement: SUSE-SA:2008:055 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://ubuntu.com/usn/usn-667-1 Cert/CC Advisory: TA08-319A http://www.us-cert.gov/cas/techalerts/TA08-319A.html BugTraq ID: 32281 http://www.securityfocus.com/bid/32281 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9157 http://www.securitytracker.com/id?1021182 http://secunia.com/advisories/34501 http://secunia.com/advisories/32684 http://secunia.com/advisories/32798 http://secunia.com/advisories/32778 http://secunia.com/advisories/32853 http://www.vupen.com/english/advisories/2008/3146 http://secunia.com/advisories/32721 http://secunia.com/advisories/32845 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32695 http://secunia.com/advisories/32714 http://secunia.com/advisories/32715 http://secunia.com/advisories/32011 http://secunia.com/advisories/33433 http://secunia.com/advisories/33434 http://www.vupen.com/english/advisories/2009/0977 Common Vulnerability Exposure (CVE) ID: CVE-2008-5016 https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206,453406,458637,444864,452157,449111,444260,457375,433429,443528,430394 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11356 http://www.securitytracker.com/id?1021183 http://secunia.com/advisories/32713 Common Vulnerability Exposure (CVE) ID: CVE-2008-5017 https://bugzilla.mozilla.org/show_bug.cgi?id=455987 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11436 Common Vulnerability Exposure (CVE) ID: CVE-2008-5018 https://bugzilla.mozilla.org/show_bug.cgi?id=452786 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9872 Common Vulnerability Exposure (CVE) ID: CVE-2008-5021 https://bugzilla.mozilla.org/show_bug.cgi?id=460002 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9642 http://www.securitytracker.com/id?1021186 Common Vulnerability Exposure (CVE) ID: CVE-2008-5012 Bugtraq: 20081118 Firefox cross-domain image theft (CESA-2008-009) (Google Search) http://www.securityfocus.com/archive/1/498468 https://bugzilla.mozilla.org/show_bug.cgi?id=355126 https://bugzilla.mozilla.org/show_bug.cgi?id=451619 http://scary.beasts.org/security/CESA-2008-009.html http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html BugTraq ID: 32351 http://www.securityfocus.com/bid/32351 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10750 http://www.securitytracker.com/id?1021187 Common Vulnerability Exposure (CVE) ID: CVE-2008-5022 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11186 http://www.securitytracker.com/id?1021188 Common Vulnerability Exposure (CVE) ID: CVE-2008-5024 https://bugzilla.mozilla.org/show_bug.cgi?id=453915 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9063 http://www.securitytracker.com/id?1021192
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 32582 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers Email: Benutzerkennung: Passwort: Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert. Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.     Datenschutz

Anmeldung für registrierte Benutzer   Benutzerkennung:     Passwort:     Benutzerkennung oder Passwort vergessen? Email/Benutzerkennung: