FreeBSD Local Security Checks : FreeBSD Ports: thunderbird

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52370

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: thunderbird

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

thunderbird
firefox
mozilla
mozilla-gtk1
linux-mozilla
linux-mozillafirebird

CVE-2004-0902
Multiple heap-based buffer overflows in Mozilla Firefox before the
Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8
allow remote attackers to cause a denial of service (application
crash) or execute arbitrary code via (1) the 'Send page'
functionality, (2) certain responses from a malicious POP3 server, or
(3) a link containing a non-ASCII hostname.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0902
Cert/CC Advisory: TA04-261A
http://www.us-cert.gov/cas/techalerts/TA04-261A.html
CERT/CC vulnerability note: VU#125776
CERT/CC vulnerability note: VU#327560
CERT/CC vulnerability note: VU#808216
http://marc.info/?l=bugtraq&m=109900315219363&w=2
http://security.gentoo.org/glsa/glsa-200409-26.xml
HPdes Security Advisory: SSRT4826
http://marc.info/?l=bugtraq&m=109698896104418&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201
SuSE Security Announcement: SUSE-SA:2004:036 (Google Search)
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
XForce ISS Database: mozilla-netscape-nonascii-bo(17378)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17378
XForce ISS Database: mozilla-nspop3protocol-bo(17379)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17379

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52370
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: thunderbird
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: thunderbird firefox mozilla mozilla-gtk1 linux-mozilla linux-mozillafirebird CVE-2004-0902 Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the 'Send page' functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0902 Cert/CC Advisory: TA04-261A http://www.us-cert.gov/cas/techalerts/TA04-261A.html CERT/CC vulnerability note: VU#125776 CERT/CC vulnerability note: VU#327560 CERT/CC vulnerability note: VU#808216 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml HPdes Security Advisory: SSRT4826 http://marc.info/?l=bugtraq&m=109698896104418&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201 SuSE Security Announcement: SUSE-SA:2004:036 (Google Search) http://www.novell.com/linux/security/advisories/2004_36_mozilla.html XForce ISS Database: mozilla-netscape-nonascii-bo(17378) https://exchange.xforce.ibmcloud.com/vulnerabilities/17378 XForce ISS Database: mozilla-nspop3protocol-bo(17379) https://exchange.xforce.ibmcloud.com/vulnerabilities/17379
Copyright	Copyright (C) 2008 E-Soft Inc.