Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0261
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0261)
Summary:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2018-0261 advisory.
Description:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2018-0261 advisory. Vulnerability Insight: Updated thunderbird packages fix security vulnerabilities: Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150). Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154). Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155). Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159). Mozilla: Hang via malformed headers (CVE-2018-5161). Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162). Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168). Mozilla: Filename spoofing for external attachments (CVE-2018-5170). Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178). Mozilla: Backport critical security fixes in Skia (CVE-2018-5183). Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184). Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185). Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5150 BugTraq ID: 104136 http://www.securityfocus.com/bid/104136 Debian Security Information: DSA-4199 (Google Search) https://www.debian.org/security/2018/dsa-4199 Debian Security Information: DSA-4209 (Google Search) https://www.debian.org/security/2018/dsa-4209 https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/201811-13 https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html RedHat Security Advisories: RHSA-2018:1414 https://access.redhat.com/errata/RHSA-2018:1414 RedHat Security Advisories: RHSA-2018:1415 https://access.redhat.com/errata/RHSA-2018:1415 RedHat Security Advisories: RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1725 RedHat Security Advisories: RHSA-2018:1726 https://access.redhat.com/errata/RHSA-2018:1726 http://www.securitytracker.com/id/1040896 https://usn.ubuntu.com/3645-1/ https://usn.ubuntu.com/3660-1/ https://usn.ubuntu.com/3688-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5154 Common Vulnerability Exposure (CVE) ID: CVE-2018-5155 Common Vulnerability Exposure (CVE) ID: CVE-2018-5159 https://www.exploit-db.com/exploits/44759/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5161 http://www.securitytracker.com/id/1040946 Common Vulnerability Exposure (CVE) ID: CVE-2018-5162 BugTraq ID: 104240 http://www.securityfocus.com/bid/104240 Common Vulnerability Exposure (CVE) ID: CVE-2018-5168 Common Vulnerability Exposure (CVE) ID: CVE-2018-5170 Common Vulnerability Exposure (CVE) ID: CVE-2018-5178 BugTraq ID: 104138 http://www.securityfocus.com/bid/104138 http://www.securitytracker.com/id/1040898 Common Vulnerability Exposure (CVE) ID: CVE-2018-5183 Common Vulnerability Exposure (CVE) ID: CVE-2018-5184 Common Vulnerability Exposure (CVE) ID: CVE-2018-5185
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.