English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.57717
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2006:0760
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0760.

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the way Thunderbird processes certain malformed
Javascript code. A malicious web page could cause the execution of
Javascript code in such a way that could cause Thunderbird to crash or
execute arbitrary code as the user running Thunderbird. JavaScript support
is disabled by default in Thunderbird
this issue is not exploitable
without enabling JavaScript. (CVE-2006-6498, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6503, CVE-2006-6504)

Several flaws were found in the way Thunderbird renders web pages. A
malicious web page could cause the browser to crash or possibly execute
arbitrary code as the user running Thunderbird. (CVE-2006-6497)

A heap based buffer overflow flaw was found in the way Thunderbird parses
the Content-Type mail header. A malicious mail message could cause the
Thunderbird client to crash or possibly execute arbitrary code as the user
running Thunderbird. (CVE-2006-6505)

Users of Thunderbird are advised to apply this update, which contains
Thunderbird version 1.5.0.9 that corrects these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0760.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6497
1017398
http://securitytracker.com/id?1017398
1017405
http://securitytracker.com/id?1017405
1017406
http://securitytracker.com/id?1017406
102885
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102885-1
20061202-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
20061222 rPSA-2006-0234-1 firefox
http://www.securityfocus.com/archive/1/455145/100/0/threaded
20070102 rPSA-2006-0234-2 firefox thunderbird
http://www.securityfocus.com/archive/1/455728/100/200/threaded
21668
http://www.securityfocus.com/bid/21668
23282
http://secunia.com/advisories/23282
23420
http://secunia.com/advisories/23420
23422
http://secunia.com/advisories/23422
23433
http://secunia.com/advisories/23433
23439
http://secunia.com/advisories/23439
23440
http://secunia.com/advisories/23440
23468
http://secunia.com/advisories/23468
23514
http://secunia.com/advisories/23514
23545
http://secunia.com/advisories/23545
23589
http://secunia.com/advisories/23589
23591
http://secunia.com/advisories/23591
23598
http://secunia.com/advisories/23598
23601
http://secunia.com/advisories/23601
23614
http://secunia.com/advisories/23614
23618
http://secunia.com/advisories/23618
23672
http://secunia.com/advisories/23672
23692
http://secunia.com/advisories/23692
23988
http://secunia.com/advisories/23988
24078
http://secunia.com/advisories/24078
24390
http://secunia.com/advisories/24390
24948
http://secunia.com/advisories/24948
ADV-2006-5068
http://www.vupen.com/english/advisories/2006/5068
ADV-2007-1463
http://www.vupen.com/english/advisories/2007/1463
ADV-2008-0083
http://www.vupen.com/english/advisories/2008/0083
DSA-1253
http://www.debian.org/security/2007/dsa-1253
DSA-1258
http://www.debian.org/security/2007/dsa-1258
DSA-1265
http://www.debian.org/security/2007/dsa-1265
FEDORA-2006-1491
http://fedoranews.org/cms/node/2297
FEDORA-2007-004
http://fedoranews.org/cms/node/2338
GLSA-200701-02
http://security.gentoo.org/glsa/glsa-200701-02.xml
GLSA-200701-03
http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
GLSA-200701-04
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
MDKSA-2007:010
http://www.mandriva.com/security/advisories?name=MDKSA-2007:010
MDKSA-2007:011
http://www.mandriva.com/security/advisories?name=MDKSA-2007:011
RHSA-2006:0758
http://rhn.redhat.com/errata/RHSA-2006-0758.html
RHSA-2006:0759
http://rhn.redhat.com/errata/RHSA-2006-0759.html
RHSA-2006:0760
http://rhn.redhat.com/errata/RHSA-2006-0760.html
SSRT061181
SUSE-SA:2006:080
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
SUSE-SA:2007:006
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
TA06-354A
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
USN-398-1
http://www.ubuntu.com/usn/usn-398-1
USN-398-2
http://www.ubuntu.com/usn/usn-398-2
USN-400-1
http://www.ubuntu.com/usn/usn-400-1
VU#427972
http://www.kb.cert.org/vuls/id/427972
VU#606260
http://www.kb.cert.org/vuls/id/606260
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
https://issues.rpath.com/browse/RPL-883
oval:org.mitre.oval:def:11691
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11691
Common Vulnerability Exposure (CVE) ID: CVE-2006-6498
102955
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102955-1
25556
http://secunia.com/advisories/25556
ADV-2007-2106
http://www.vupen.com/english/advisories/2007/2106
VU#447772
http://www.kb.cert.org/vuls/id/447772
oval:org.mitre.oval:def:10661
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10661
Common Vulnerability Exposure (CVE) ID: CVE-2006-6501
1017403
http://securitytracker.com/id?1017403
1017404
http://securitytracker.com/id?1017404
1017407
http://securitytracker.com/id?1017407
VU#263412
http://www.kb.cert.org/vuls/id/263412
http://www.mozilla.org/security/announce/2006/mfsa2006-70.html
oval:org.mitre.oval:def:9746
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9746
Common Vulnerability Exposure (CVE) ID: CVE-2006-6502
1017411
http://securitytracker.com/id?1017411
1017412
http://securitytracker.com/id?1017412
1017413
http://securitytracker.com/id?1017413
VU#428500
http://www.kb.cert.org/vuls/id/428500
http://www.mozilla.org/security/announce/2006/mfsa2006-71.html
oval:org.mitre.oval:def:9626
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9626
Common Vulnerability Exposure (CVE) ID: CVE-2006-6503
1017414
http://securitytracker.com/id?1017414
1017415
http://securitytracker.com/id?1017415
1017416
http://securitytracker.com/id?1017416
VU#405092
http://www.kb.cert.org/vuls/id/405092
http://www.mozilla.org/security/announce/2006/mfsa2006-72.html
oval:org.mitre.oval:def:10895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10895
Common Vulnerability Exposure (CVE) ID: CVE-2006-6504
1017417
http://securitytracker.com/id?1017417
1017418
http://securitytracker.com/id?1017418
20061220 ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability
http://www.securityfocus.com/archive/1/454939/100/0/threaded
VU#928956
http://www.kb.cert.org/vuls/id/928956
http://www.mozilla.org/security/announce/2006/mfsa2006-73.html
http://www.zerodayinitiative.com/advisories/ZDI-06-051.html
oval:org.mitre.oval:def:11077
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11077
Common Vulnerability Exposure (CVE) ID: CVE-2006-6505
BugTraq ID: 21668
Bugtraq: 20061222 rPSA-2006-0234-1 firefox (Google Search)
Bugtraq: 20070102 rPSA-2006-0234-2 firefox thunderbird (Google Search)
Cert/CC Advisory: TA06-354A
CERT/CC vulnerability note: VU#887332
http://www.kb.cert.org/vuls/id/887332
Debian Security Information: DSA-1265 (Google Search)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11565
RedHat Security Advisories: RHSA-2006:0759
RedHat Security Advisories: RHSA-2006:0760
http://securitytracker.com/id?1017419
http://securitytracker.com/id?1017420
http://secunia.com/advisories/24108
SGI Security Advisory: 20061202-01-P
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1
SuSE Security Announcement: SUSE-SA:2006:080 (Google Search)
SuSE Security Announcement: SUSE-SA:2007:006 (Google Search)
http://www.vupen.com/english/advisories/2007/0573
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.