English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61884
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0976
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0976.

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the processing of malformed HTML mail content.
An HTML mail message containing malicious content could cause Thunderbird
to crash or, potentially, execute arbitrary code as the user running
Thunderbird. (CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018,
CVE-2008-5021)

Several flaws were found in the way malformed HTML mail content was
processed. An HTML mail message containing specially-crafted content could
potentially trick a Thunderbird user into surrendering sensitive
information. (CVE-2008-5012, CVE-2008-5022, CVE-2008-5024)

All Thunderbird users should upgrade to these updated packages, which
resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0976.html

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-5014
1021182
http://www.securitytracker.com/id?1021182
256408
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
32011
http://secunia.com/advisories/32011
32281
http://www.securityfocus.com/bid/32281
32684
http://secunia.com/advisories/32684
32693
http://secunia.com/advisories/32693
32694
http://secunia.com/advisories/32694
32695
http://secunia.com/advisories/32695
32714
http://secunia.com/advisories/32714
32715
http://secunia.com/advisories/32715
32721
http://secunia.com/advisories/32721
32778
http://secunia.com/advisories/32778
32798
http://secunia.com/advisories/32798
32845
http://secunia.com/advisories/32845
32853
http://secunia.com/advisories/32853
33433
http://secunia.com/advisories/33433
33434
http://secunia.com/advisories/33434
34501
http://secunia.com/advisories/34501
ADV-2008-3146
http://www.vupen.com/english/advisories/2008/3146
ADV-2009-0977
http://www.vupen.com/english/advisories/2009/0977
DSA-1669
http://www.debian.org/security/2008/dsa-1669
DSA-1671
http://www.debian.org/security/2008/dsa-1671
DSA-1696
http://www.debian.org/security/2009/dsa-1696
DSA-1697
http://www.debian.org/security/2009/dsa-1697
FEDORA-2008-9667
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
FEDORA-2008-9669
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
MDVSA-2008:228
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
MDVSA-2008:230
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
MDVSA-2008:235
http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
RHSA-2008:0976
http://www.redhat.com/support/errata/RHSA-2008-0976.html
RHSA-2008:0977
http://www.redhat.com/support/errata/RHSA-2008-0977.html
RHSA-2008:0978
http://www.redhat.com/support/errata/RHSA-2008-0978.html
SUSE-SA:2008:055
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
TA08-319A
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
USN-667-1
http://ubuntu.com/usn/usn-667-1
http://www.mozilla.org/security/announce/2008/mfsa2008-50.html
https://bugzilla.mozilla.org/show_bug.cgi?id=436741
oval:org.mitre.oval:def:9157
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9157
Common Vulnerability Exposure (CVE) ID: CVE-2008-5016
1021183
http://www.securitytracker.com/id?1021183
32713
http://secunia.com/advisories/32713
http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206%2C453406%2C458637%2C444864%2C452157%2C449111%2C444260%2C457375%2C433429%2C443528%2C430394
oval:org.mitre.oval:def:11356
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11356
Common Vulnerability Exposure (CVE) ID: CVE-2008-5017
https://bugzilla.mozilla.org/show_bug.cgi?id=455987
oval:org.mitre.oval:def:11436
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11436
Common Vulnerability Exposure (CVE) ID: CVE-2008-5018
https://bugzilla.mozilla.org/show_bug.cgi?id=452786
oval:org.mitre.oval:def:9872
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9872
Common Vulnerability Exposure (CVE) ID: CVE-2008-5021
1021186
http://www.securitytracker.com/id?1021186
http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
https://bugzilla.mozilla.org/show_bug.cgi?id=460002
oval:org.mitre.oval:def:9642
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642
Common Vulnerability Exposure (CVE) ID: CVE-2008-5012
1021187
http://www.securitytracker.com/id?1021187
20081118 Firefox cross-domain image theft (CESA-2008-009)
http://www.securityfocus.com/archive/1/498468
32351
http://www.securityfocus.com/bid/32351
http://scary.beasts.org/security/CESA-2008-009.html
http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html
http://www.mozilla.org/security/announce/2008/mfsa2008-48.html
https://bugzilla.mozilla.org/show_bug.cgi?id=355126
https://bugzilla.mozilla.org/show_bug.cgi?id=451619
oval:org.mitre.oval:def:10750
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10750
Common Vulnerability Exposure (CVE) ID: CVE-2008-5022
1021188
http://www.securitytracker.com/id?1021188
http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
oval:org.mitre.oval:def:11186
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11186
Common Vulnerability Exposure (CVE) ID: CVE-2008-5024
1021192
http://www.securitytracker.com/id?1021192
http://www.mozilla.org/security/announce/2008/mfsa2008-58.html
https://bugzilla.mozilla.org/show_bug.cgi?id=453915
oval:org.mitre.oval:def:9063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9063
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.