ID de Prueba:	1.3.6.1.4.1.25623.1.0.56512
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: thunderbird, mozilla-thunderbird
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: thunderbird mozilla-thunderbird CVE-2006-0884 The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier allows user-complicit attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0884 BugTraq ID: 16770 http://www.securityfocus.com/bid/16770 Bugtraq: 20060222 Mozilla Thunderbird : Remote Code Execution & Denial of Service (Google Search) http://www.securityfocus.com/archive/1/425786/100/0/threaded Debian Security Information: DSA-1046 (Google Search) http://www.debian.org/security/2006/dsa-1046 Debian Security Information: DSA-1051 (Google Search) http://www.debian.org/security/2006/dsa-1051 http://www.securityfocus.com/archive/1/436296/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml HPdes Security Advisory: HPSBUX02122 http://www.securityfocus.com/archive/1/438730/100/0/threaded HPdes Security Advisory: HPSBUX02156 http://www.securityfocus.com/archive/1/446657/100/200/threaded HPdes Security Advisory: SSRT061158 HPdes Security Advisory: SSRT061236 http://www.mandriva.com/security/advisories?name=MDKSA-2006:052 http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 http://www.mandriva.com/security/advisories?name=MDKSA-2006:078 http://www.osvdb.org/23653 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2024 http://www.redhat.com/support/errata/RHSA-2006-0329.html http://www.redhat.com/support/errata/RHSA-2006-0330.html SCO Security Bulletin: SCOSA-2006.26 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt http://securitytracker.com/id?1015665 http://secunia.com/advisories/19721 http://secunia.com/advisories/19811 http://secunia.com/advisories/19821 http://secunia.com/advisories/19823 http://secunia.com/advisories/19863 http://secunia.com/advisories/19902 http://secunia.com/advisories/19941 http://secunia.com/advisories/19950 http://secunia.com/advisories/20051 http://secunia.com/advisories/21033 http://secunia.com/advisories/21622 http://secunia.com/advisories/22065 SGI Security Advisory: 20060404-01-U ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 SuSE Security Announcement: SUSE-SA:2006:021 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html SuSE Security Announcement: SUSE-SA:2006:022 (Google Search) http://www.novell.com/linux/security/advisories/2006_04_25.html https://usn.ubuntu.com/276-1/ http://www.vupen.com/english/advisories/2006/3749 XForce ISS Database: mozilla-inline-fwd-code-execution(25983) https://exchange.xforce.ibmcloud.com/vulnerabilities/25983
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.