Denial of Service : Mozilla Products DoS Vulnerability (Jun 2009)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900389

Categoría: Denial of Service

Título: Mozilla Products DoS Vulnerability (Jun 2009) - Windows

Resumen: Thunderbird/Seamonkey is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
Thunderbird/Seamonkey is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
The flaw exists when application fails to handle user input messages via
a multipart or alternative e-mail message containing a text or enhanced part
that triggers access to an incorrect object type.

Vulnerability Impact:
Successful exploitation will allow attacker to execute arbitrary code via
e-mail messages, and results in Denial of Service condition.

Affected Software/OS:
Seamonkey version prior to 1.1.17 and
Thunderbird version prior to 2.0.0.22 on Windows.

Solution:
Upgrade to Seamonkey version 1.1.17

Upgrade to Thunderbird version 2.0.0.22.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2210
BugTraq ID: 35461
http://www.securityfocus.com/bid/35461
Debian Security Information: DSA-1830 (Google Search)
http://www.debian.org/security/2009/dsa-1830
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:141
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9994
http://www.redhat.com/support/errata/RHSA-2009-1134.html
http://securitytracker.com/id?1022433
http://secunia.com/advisories/35561
http://secunia.com/advisories/35602
http://secunia.com/advisories/35633
http://secunia.com/advisories/35882
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275
XForce ISS Database: mozilla-multipart-alternative-code-exec(51315)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51315

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900389
Categoría:	Denial of Service
Título:	Mozilla Products DoS Vulnerability (Jun 2009) - Windows
Resumen:	Thunderbird/Seamonkey is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Thunderbird/Seamonkey is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw exists when application fails to handle user input messages via a multipart or alternative e-mail message containing a text or enhanced part that triggers access to an incorrect object type. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code via e-mail messages, and results in Denial of Service condition. Affected Software/OS: Seamonkey version prior to 1.1.17 and Thunderbird version prior to 2.0.0.22 on Windows. Solution: Upgrade to Seamonkey version 1.1.17 Upgrade to Thunderbird version 2.0.0.22. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2210 BugTraq ID: 35461 http://www.securityfocus.com/bid/35461 Debian Security Information: DSA-1830 (Google Search) http://www.debian.org/security/2009/dsa-1830 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9994 http://www.redhat.com/support/errata/RHSA-2009-1134.html http://securitytracker.com/id?1022433 http://secunia.com/advisories/35561 http://secunia.com/advisories/35602 http://secunia.com/advisories/35633 http://secunia.com/advisories/35882 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275 XForce ISS Database: mozilla-multipart-alternative-code-exec(51315) https://exchange.xforce.ibmcloud.com/vulnerabilities/51315
Copyright	Copyright (C) 2009 Greenbone AG