Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.63636
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2009:0258
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2009:0258.

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the processing of malformed HTML mail content.
An HTML mail message containing malicious content could cause Thunderbird
to crash or, potentially, execute arbitrary code as the user running
Thunderbird. (CVE-2009-0352, CVE-2009-0353, CVE-2009-0772, CVE-2009-0774,
CVE-2009-0775)

Several flaws were found in the way malformed content was processed. An
HTML mail message containing specially-crafted content could potentially
trick a Thunderbird user into surrendering sensitive information.
(CVE-2009-0355, CVE-2009-0776)

Note: JavaScript support is disabled by default in Thunderbird. None of
the above issues are exploitable unless JavaScript is enabled.

All Thunderbird users should upgrade to this updated package, which
resolves these issues. All running instances of Thunderbird must be
restarted for the update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-0258.html
http://www.redhat.com/security/updates/classification/#moderate

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-0352
BugTraq ID: 33598
http://www.securityfocus.com/bid/33598
Debian Security Information: DSA-1830 (Google Search)
http://www.debian.org/security/2009/dsa-1830
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:044
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699
RedHat Security Advisories: RHSA-2009:0256
http://rhn.redhat.com/errata/RHSA-2009-0256.html
http://www.redhat.com/support/errata/RHSA-2009-0257.html
http://www.redhat.com/support/errata/RHSA-2009-0258.html
http://www.securitytracker.com/id?1021663
http://secunia.com/advisories/33799
http://secunia.com/advisories/33802
http://secunia.com/advisories/33808
http://secunia.com/advisories/33809
http://secunia.com/advisories/33816
http://secunia.com/advisories/33831
http://secunia.com/advisories/33841
http://secunia.com/advisories/33846
http://secunia.com/advisories/33869
http://secunia.com/advisories/34324
http://secunia.com/advisories/34387
http://secunia.com/advisories/34417
http://secunia.com/advisories/34462
http://secunia.com/advisories/34464
http://secunia.com/advisories/34527
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
SuSE Security Announcement: SUSE-SA:2009:009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html
SuSE Security Announcement: SUSE-SA:2009:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
http://www.ubuntu.com/usn/usn-717-1
https://usn.ubuntu.com/741-1/
http://www.vupen.com/english/advisories/2009/0313
Common Vulnerability Exposure (CVE) ID: CVE-2009-0353
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11193
Common Vulnerability Exposure (CVE) ID: CVE-2009-0355
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9161
http://www.securitytracker.com/id?1021665
http://www.ubuntu.com/usn/usn-717-2
Common Vulnerability Exposure (CVE) ID: CVE-2009-0772
BugTraq ID: 33990
http://www.securityfocus.com/bid/33990
Debian Security Information: DSA-1751 (Google Search)
http://www.debian.org/security/2009/dsa-1751
http://www.mandriva.com/security/advisories?name=MDVSA-2009:075
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5703
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6097
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6811
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9609
http://www.redhat.com/support/errata/RHSA-2009-0315.html
http://www.redhat.com/support/errata/RHSA-2009-0325.html
http://www.securitytracker.com/id?1021795
http://secunia.com/advisories/34137
http://secunia.com/advisories/34140
http://secunia.com/advisories/34145
http://secunia.com/advisories/34272
http://secunia.com/advisories/34383
SuSE Security Announcement: SUSE-SA:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
http://www.vupen.com/english/advisories/2009/0632
Common Vulnerability Exposure (CVE) ID: CVE-2009-0774
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11138
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5947
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6057
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6945
Common Vulnerability Exposure (CVE) ID: CVE-2009-0775
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681
http://www.securitytracker.com/id?1021796
Common Vulnerability Exposure (CVE) ID: CVE-2009-0776
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5956
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6191
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7390
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9241
http://www.securitytracker.com/id?1021797
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.