English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75516 CVE descriptions
and 39786 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61679
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-647-1 (thunderbird)
Summary:Ubuntu USN-647-1 (thunderbird)
Description:
The remote host is missing an update to thunderbird
announced via advisory USN-647-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

For details on the issues addressed in this update, please
visit the referenced security advisories.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
mozilla-thunderbird 1.5.0.13+1.5.0.15~
prepatch080614g-0ubuntu0.6.06.1

Ubuntu 7.04:
mozilla-thunderbird 1.5.0.13+1.5.0.15~
prepatch080614g-0ubuntu0.7.04.1

Ubuntu 7.10:
thunderbird 2.0.0.17+nobinonly-0ubuntu0.7.10.1

Ubuntu 8.04 LTS:
thunderbird 2.0.0.17+nobinonly-0ubuntu0.8.04.1

After a standard system upgrade you need to restart Thunderbird to
effect the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-647-1

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-3835
Debian Security Information: DSA-1669 (Google Search)
http://www.debian.org/security/2008/dsa-1669
Debian Security Information: DSA-1697 (Google Search)
http://www.debian.org/security/2009/dsa-1697
Debian Security Information: DSA-1696 (Google Search)
http://www.debian.org/security/2009/dsa-1696
Debian Security Information: DSA-1649 (Google Search)
http://www.debian.org/security/2008/dsa-1649
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205
http://www.mandriva.com/security/advisories?name=MDVSA-2008:206
http://www.redhat.com/support/errata/RHSA-2008-0908.html
http://www.redhat.com/support/errata/RHSA-2008-0882.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
SuSE Security Announcement: SUSE-SA:2008:050 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
http://www.ubuntu.com/usn/usn-647-1
http://www.ubuntu.com/usn/usn-645-1
http://www.ubuntu.com/usn/usn-645-2
BugTraq ID: 31346
http://www.securityfocus.com/bid/31346
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9643
http://secunia.com/advisories/34501
http://secunia.com/advisories/32185
http://secunia.com/advisories/32196
http://www.vupen.com/english/advisories/2008/2661
http://www.securitytracker.com/id?1020919
http://secunia.com/advisories/32042
http://secunia.com/advisories/32025
http://secunia.com/advisories/32092
http://secunia.com/advisories/32144
http://secunia.com/advisories/32044
http://secunia.com/advisories/32082
http://secunia.com/advisories/32845
http://secunia.com/advisories/31984
http://secunia.com/advisories/31985
http://secunia.com/advisories/32007
http://secunia.com/advisories/32010
http://secunia.com/advisories/32012
http://secunia.com/advisories/33433
http://secunia.com/advisories/33434
http://www.vupen.com/english/advisories/2009/0977
XForce ISS Database: firefox-onchannelredirect-security-bypass(45347)
http://xforce.iss.net/xforce/xfdb/45347
Common Vulnerability Exposure (CVE) ID: CVE-2008-4058
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html
http://www.redhat.com/support/errata/RHSA-2008-0879.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9679
http://www.securitytracker.com/id?1020915
http://secunia.com/advisories/32089
http://secunia.com/advisories/32095
http://secunia.com/advisories/32096
http://secunia.com/advisories/31987
http://secunia.com/advisories/32011
XForce ISS Database: firefox3-xpcnativewrappers-code-execution(45349)
http://xforce.iss.net/xforce/xfdb/45349
Common Vulnerability Exposure (CVE) ID: CVE-2008-4059
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9529
XForce ISS Database: firefox2-xpcnativewrappers-code-execution(45352)
http://xforce.iss.net/xforce/xfdb/45352
Common Vulnerability Exposure (CVE) ID: CVE-2008-4060
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11607
XForce ISS Database: firefox-xslt-code-execution(45353)
http://xforce.iss.net/xforce/xfdb/45353
Common Vulnerability Exposure (CVE) ID: CVE-2008-4061
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10794
http://www.securitytracker.com/id?1020916
XForce ISS Database: multiple-mozilla-layout-code-execution(45351)
http://xforce.iss.net/xforce/xfdb/45351
Common Vulnerability Exposure (CVE) ID: CVE-2008-4062
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10206
XForce ISS Database: multiple-mozilla-javascript-code-execution(45355)
http://xforce.iss.net/xforce/xfdb/45355
Common Vulnerability Exposure (CVE) ID: CVE-2008-4063
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11151
XForce ISS Database: mozilla-firefox-layout-code-execution(45354)
http://xforce.iss.net/xforce/xfdb/45354
Common Vulnerability Exposure (CVE) ID: CVE-2008-4064
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11743
XForce ISS Database: firefox-imagegraphics-code-execution(45357)
http://xforce.iss.net/xforce/xfdb/45357
Common Vulnerability Exposure (CVE) ID: CVE-2008-4065
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11383
http://www.securitytracker.com/id?1020920
XForce ISS Database: firefox-bom-security-bypass(45356)
http://xforce.iss.net/xforce/xfdb/45356
Common Vulnerability Exposure (CVE) ID: CVE-2008-4066
http://blogs.technet.com/bluehat/archive/2008/08/14/targeted-fuzzing.aspx
http://www.thespanner.co.uk/2008/06/30/javascript-protocol-fuzz-results/
http://jvn.jp/en/jp/JVN96950482/index.html
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000058.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8880
XForce ISS Database: firefox-htmlparser-security-bypass(45358)
http://xforce.iss.net/xforce/xfdb/45358
Common Vulnerability Exposure (CVE) ID: CVE-2008-4067
http://www.0x000000.com/?i=422
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10770
http://www.securitytracker.com/id?1020921
XForce ISS Database: mozilla-protocol-directory-traversal(45359)
http://xforce.iss.net/xforce/xfdb/45359
Common Vulnerability Exposure (CVE) ID: CVE-2008-4068
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11471
XForce ISS Database: mozilla-resourceprotocol-info-disclosure(45360)
http://xforce.iss.net/xforce/xfdb/45360
Common Vulnerability Exposure (CVE) ID: CVE-2008-4070
BugTraq ID: 31411
http://www.securityfocus.com/bid/31411
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10933
http://www.securitytracker.com/id?1020948
XForce ISS Database: mozilla-newsgroupmessage-bo(45426)
http://xforce.iss.net/xforce/xfdb/45426
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 39786 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.