Test ID:	1.3.6.1.4.1.25623.1.0.51926
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2005:337
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2005:337. Mozilla Thunderbird is a standalone mail and newsgroup client. A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0399 to this issue. A bug was found in the Thunderbird string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0255 to this issue. Users of Thunderbird are advised to upgrade to this updated package which contains Thunderbird version 1.0.2 and is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-337.html Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0399 12881 http://www.securityfocus.com/bid/12881 14654 http://secunia.com/advisories/14654 15495 http://www.securityfocus.com/bid/15495 19823 http://secunia.com/advisories/19823 20050323 Mozilla Foundation GIF Overflow http://xforce.iss.net/xforce/alerts/id/191 ADV-2005-0296 http://www.vupen.com/english/advisories/2005/0296 GLSA-200503-30 http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml P-160 http://www.ciac.org/ciac/bulletins/p-160.shtml RHSA-2005:323 http://www.redhat.com/support/errata/RHSA-2005-323.html RHSA-2005:335 http://www.redhat.com/support/errata/RHSA-2005-335.html RHSA-2005:336 http://www.redhat.com/support/errata/RHSA-2005-336.html RHSA-2005:337 http://www.redhat.com/support/errata/RHSA-2005-337.html SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt SUSE-SA:2006:022 http://www.novell.com/linux/security/advisories/2006_04_25.html VU#557948 http://www.kb.cert.org/vuls/id/557948 gif-extension-overflow(19269) https://exchange.xforce.ibmcloud.com/vulnerabilities/19269 http://www.mozilla.org/security/announce/mfsa2005-30.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 oval:org.mitre.oval:def:100028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028 oval:org.mitre.oval:def:11377 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377 Common Vulnerability Exposure (CVE) ID: CVE-2005-0255 BugTraq ID: 12659 http://www.securityfocus.com/bid/12659 http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.idefense.com/application/poi/display?id=200&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9111 http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/RHSA-2005-277.html SuSE Security Announcement: SUSE-SA:2005:016 (Google Search) http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html SuSE Security Announcement: SUSE-SA:2006:022 (Google Search)
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.