Test ID:	1.3.6.1.4.1.25623.1.1.10.2019.0129
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2019-0129)
Summary:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2019-0129 advisory.
Description:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2019-0129 advisory. Vulnerability Insight: Use-after-free when removing in-use DOM elements. (CVE-2019-9790) Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey. (CVE-2019-9791) IonMonkey leaks JS_OPTIMIZED_OUT magic value to script. (CVE-2019-9792) Improper bounds checks when Spectre mitigations are disabled. (CVE-2019-9793) Command line arguments not discarded during execution. (CVE-2019-9794) Type-confusion in IonMonkey JIT compiler. (CVE-2019-9795) Use-after-free with SMIL animation controller. (CVE-2019-9796) Windows programs that are not 'URL Handlers' are exposed to web content. (CVE-2019-9801) Proxy Auto-Configuration file can define localhost access to be proxied. (CVE-2018-18506) Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. (CVE-2019-9788) IonMonkey MArraySlice has incorrect alias information. (CVE-2019-9810) Ionmonkey type confusion with __proto__ mutations. (CVE-2019-9813) Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-18506 BugTraq ID: 106773 http://www.securityfocus.com/bid/106773 Bugtraq: 20190320 [SECURITY] [DSA 4411-1] firefox-esr security update (Google Search) https://seclists.org/bugtraq/2019/Mar/28 Bugtraq: 20190401 [SECURITY] [DSA 4420-1] thunderbird security update (Google Search) https://seclists.org/bugtraq/2019/Apr/0 Debian Security Information: DSA-4411 (Google Search) https://www.debian.org/security/2019/dsa-4411 Debian Security Information: DSA-4420 (Google Search) https://www.debian.org/security/2019/dsa-4420 https://security.gentoo.org/glsa/201904-07 https://lists.debian.org/debian-lts-announce/2019/03/msg00024.html https://lists.debian.org/debian-lts-announce/2019/04/msg00000.html RedHat Security Advisories: RHSA-2019:0622 https://access.redhat.com/errata/RHSA-2019:0622 RedHat Security Advisories: RHSA-2019:0623 https://access.redhat.com/errata/RHSA-2019:0623 RedHat Security Advisories: RHSA-2019:0680 https://access.redhat.com/errata/RHSA-2019:0680 RedHat Security Advisories: RHSA-2019:0681 https://access.redhat.com/errata/RHSA-2019:0681 RedHat Security Advisories: RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:0966 RedHat Security Advisories: RHSA-2019:1144 https://access.redhat.com/errata/RHSA-2019:1144 SuSE Security Announcement: openSUSE-SU-2019:1056 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html SuSE Security Announcement: openSUSE-SU-2019:1077 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00043.html SuSE Security Announcement: openSUSE-SU-2019:1126 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00023.html SuSE Security Announcement: openSUSE-SU-2019:1162 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html https://usn.ubuntu.com/3874-1/ https://usn.ubuntu.com/3927-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9788 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1518001%2C1521304%2C1521214%2C1506665%2C1516834%2C1518774%2C1524755%2C1523362%2C1524214%2C1529203 https://www.mozilla.org/security/advisories/mfsa2019-07/ https://www.mozilla.org/security/advisories/mfsa2019-08/ https://www.mozilla.org/security/advisories/mfsa2019-11/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9790 https://bugzilla.mozilla.org/show_bug.cgi?id=1525145 Common Vulnerability Exposure (CVE) ID: CVE-2019-9791 https://bugzilla.mozilla.org/show_bug.cgi?id=1530958 Common Vulnerability Exposure (CVE) ID: CVE-2019-9792 http://packetstormsecurity.com/files/153106/Spidermonkey-IonMonkey-JS_OPTIMIZED_OUT-Value-Leak.html https://bugzilla.mozilla.org/show_bug.cgi?id=1532599 Common Vulnerability Exposure (CVE) ID: CVE-2019-9793 https://bugzilla.mozilla.org/show_bug.cgi?id=1528829 Common Vulnerability Exposure (CVE) ID: CVE-2019-9794 https://bugzilla.mozilla.org/show_bug.cgi?id=1530103 Common Vulnerability Exposure (CVE) ID: CVE-2019-9795 https://bugzilla.mozilla.org/show_bug.cgi?id=1514682 Common Vulnerability Exposure (CVE) ID: CVE-2019-9796 https://bugzilla.mozilla.org/show_bug.cgi?id=1531277 Common Vulnerability Exposure (CVE) ID: CVE-2019-9801 https://bugzilla.mozilla.org/show_bug.cgi?id=1527717 Common Vulnerability Exposure (CVE) ID: CVE-2019-9810 http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html https://bugzilla.mozilla.org/show_bug.cgi?id=1537924 https://www.mozilla.org/security/advisories/mfsa2019-09/ https://www.mozilla.org/security/advisories/mfsa2019-10/ https://www.mozilla.org/security/advisories/mfsa2019-12/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9813 https://bugzilla.mozilla.org/show_bug.cgi?id=1538006
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.