ID de Prueba:	1.3.6.1.4.1.25623.1.0.51926
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:337
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:337. Mozilla Thunderbird is a standalone mail and newsgroup client. A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0399 to this issue. A bug was found in the Thunderbird string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0255 to this issue. Users of Thunderbird are advised to upgrade to this updated package which contains Thunderbird version 1.0.2 and is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-337.html Risk factor : High CVSS Score: 5.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0399 12881 http://www.securityfocus.com/bid/12881 14654 http://secunia.com/advisories/14654 15495 http://www.securityfocus.com/bid/15495 19823 http://secunia.com/advisories/19823 20050323 Mozilla Foundation GIF Overflow http://xforce.iss.net/xforce/alerts/id/191 ADV-2005-0296 http://www.vupen.com/english/advisories/2005/0296 GLSA-200503-30 http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml P-160 http://www.ciac.org/ciac/bulletins/p-160.shtml RHSA-2005:323 http://www.redhat.com/support/errata/RHSA-2005-323.html RHSA-2005:335 http://www.redhat.com/support/errata/RHSA-2005-335.html RHSA-2005:336 http://www.redhat.com/support/errata/RHSA-2005-336.html RHSA-2005:337 http://www.redhat.com/support/errata/RHSA-2005-337.html SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt SUSE-SA:2006:022 http://www.novell.com/linux/security/advisories/2006_04_25.html VU#557948 http://www.kb.cert.org/vuls/id/557948 gif-extension-overflow(19269) https://exchange.xforce.ibmcloud.com/vulnerabilities/19269 http://www.mozilla.org/security/announce/mfsa2005-30.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 oval:org.mitre.oval:def:100028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028 oval:org.mitre.oval:def:11377 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377 Common Vulnerability Exposure (CVE) ID: CVE-2005-0255 BugTraq ID: 12659 http://www.securityfocus.com/bid/12659 http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.idefense.com/application/poi/display?id=200&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9111 http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/RHSA-2005-277.html SuSE Security Announcement: SUSE-SA:2005:016 (Google Search) http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html SuSE Security Announcement: SUSE-SA:2006:022 (Google Search)
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.