Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 10 FEDORA-2008-9901 (thunderbird)

The remote host is missing an update to thunderbird
announced via advisory FEDORA-2008-9901.

Update Information:

This update update upgrades thunderbird packages to upstream version,
which fixes multiple security issues detailed in upstream security advisories:

* Wed Nov 19 2008 Christopher Aillon
- Update to


[ 1 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering
[ 2 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption
[ 3 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace
[ 4 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect
[ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption
[ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption
[ 7 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager
[ 8 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update thunderbird' at the command line.
For more information, refer to Managing Software with yum,
available at

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-5014
BugTraq ID: 32281
Cert/CC Advisory: TA08-319A
Debian Security Information: DSA-1669 (Google Search)
Debian Security Information: DSA-1671 (Google Search)
Debian Security Information: DSA-1696 (Google Search)
Debian Security Information: DSA-1697 (Google Search)
SuSE Security Announcement: SUSE-SA:2008:055 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2008-5018
Common Vulnerability Exposure (CVE) ID: CVE-2008-5024
Common Vulnerability Exposure (CVE) ID: CVE-2008-5012
BugTraq ID: 32351
Bugtraq: 20081118 Firefox cross-domain image theft (CESA-2008-009) (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2008-5016,453406,458637,444864,452157,449111,444260,457375,433429,443528,430394
Common Vulnerability Exposure (CVE) ID: CVE-2008-5017
Common Vulnerability Exposure (CVE) ID: CVE-2008-5021
Common Vulnerability Exposure (CVE) ID: CVE-2008-5022
CopyrightCopyright (c) 2008 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.