Ubuntu Local Security Checks : Ubuntu USN-1011-2 (thunderbird)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.68476

Category: Ubuntu Local Security Checks

Title: Ubuntu USN-1011-2 (thunderbird)

Summary: Ubuntu USN-1011-2 (thunderbird)

Description: The remote host is missing an update to thunderbird
announced via advisory USN-1011-2.

Details follow:

USN-1011-1 fixed a vulnerability in Firefox. This update provides the
corresponding update for Thunderbird.

Original advisory details:

Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a
user were tricked into navigating to a malicious site, an attacker could
cause a denial of service or possibly execute arbitrary code as the user
invoking the program.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.8.04.2

Ubuntu 9.10:
thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.3

Ubuntu 10.04 LTS:
thunderbird 3.0.10+build1+nobinonly-0ubuntu0.10.04.1

Ubuntu 10.10:
thunderbird 3.1.6+build1+nobinonly-0ubuntu0.10.10.1

After a standard system update you need to restart Thunderbird to make all
the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-1011-2

Risk factor : Critical

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3765
http://www.exploit-db.com/exploits/15341
http://www.exploit-db.com/exploits/15342
http://www.exploit-db.com/exploits/15352
http://isc.sans.edu/diary.html?storyid=9817
http://www.norman.com/about_norman/press_center/news_archive/2010/129223/
http://www.norman.com/security_center/virus_description_archive/129146/
https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53
http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter
Debian Security Information: DSA-2124 (Google Search)
http://www.debian.org/security/2010/dsa-2124
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:213
http://www.mandriva.com/security/advisories?name=MDVSA-2010:219
http://www.redhat.com/support/errata/RHSA-2010-0809.html
http://www.redhat.com/support/errata/RHSA-2010-0810.html
http://www.redhat.com/support/errata/RHSA-2010-0808.html
RedHat Security Advisories: RHSA-2010:0812
https://rhn.redhat.com/errata/RHSA-2010-0812.html
http://www.redhat.com/support/errata/RHSA-2010-0861.html
http://www.redhat.com/support/errata/RHSA-2010-0896.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706
http://www.ubuntu.com/usn/USN-1011-3
http://www.ubuntu.com/usn/usn-1011-1
http://www.ubuntu.com/usn/USN-1011-2
BugTraq ID: 44425
http://www.securityfocus.com/bid/44425
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12108
http://www.securitytracker.com/id?1024650
http://www.securitytracker.com/id?1024651
http://www.securitytracker.com/id?1024645
http://secunia.com/advisories/41966
http://secunia.com/advisories/41969
http://secunia.com/advisories/42008
http://secunia.com/advisories/42043
http://secunia.com/advisories/41761
http://secunia.com/advisories/41965
http://secunia.com/advisories/41975
http://secunia.com/advisories/42003
http://secunia.com/advisories/42867
http://www.vupen.com/english/advisories/2010/2871
http://www.vupen.com/english/advisories/2010/2837
http://www.vupen.com/english/advisories/2010/2857
http://www.vupen.com/english/advisories/2010/2864
http://www.vupen.com/english/advisories/2011/0061

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.68476
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1011-2 (thunderbird)
Summary:	Ubuntu USN-1011-2 (thunderbird)
Description:	The remote host is missing an update to thunderbird announced via advisory USN-1011-2. Details follow: USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.8.04.2 Ubuntu 9.10: thunderbird 2.0.0.24+build1+nobinonly-0ubuntu0.9.10.3 Ubuntu 10.04 LTS: thunderbird 3.0.10+build1+nobinonly-0ubuntu0.10.04.1 Ubuntu 10.10: thunderbird 3.1.6+build1+nobinonly-0ubuntu0.10.10.1 After a standard system update you need to restart Thunderbird to make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-1011-2 Risk factor : Critical
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3765 http://www.exploit-db.com/exploits/15341 http://www.exploit-db.com/exploits/15342 http://www.exploit-db.com/exploits/15352 http://isc.sans.edu/diary.html?storyid=9817 http://www.norman.com/about_norman/press_center/news_archive/2010/129223/ http://www.norman.com/security_center/virus_description_archive/129146/ https://bugzilla.mozilla.org/show_bug.cgi?id=607222#c53 http://norman.com/about_norman/press_center/news_archive/2010/129223/en?utm_source=twitterfeed&utm_medium=twitter Debian Security Information: DSA-2124 (Google Search) http://www.debian.org/security/2010/dsa-2124 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050233.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050061.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:213 http://www.mandriva.com/security/advisories?name=MDVSA-2010:219 http://www.redhat.com/support/errata/RHSA-2010-0809.html http://www.redhat.com/support/errata/RHSA-2010-0810.html http://www.redhat.com/support/errata/RHSA-2010-0808.html RedHat Security Advisories: RHSA-2010:0812 https://rhn.redhat.com/errata/RHSA-2010-0812.html http://www.redhat.com/support/errata/RHSA-2010-0861.html http://www.redhat.com/support/errata/RHSA-2010-0896.html http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.556706 http://www.ubuntu.com/usn/USN-1011-3 http://www.ubuntu.com/usn/usn-1011-1 http://www.ubuntu.com/usn/USN-1011-2 BugTraq ID: 44425 http://www.securityfocus.com/bid/44425 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12108 http://www.securitytracker.com/id?1024650 http://www.securitytracker.com/id?1024651 http://www.securitytracker.com/id?1024645 http://secunia.com/advisories/41966 http://secunia.com/advisories/41969 http://secunia.com/advisories/42008 http://secunia.com/advisories/42043 http://secunia.com/advisories/41761 http://secunia.com/advisories/41965 http://secunia.com/advisories/41975 http://secunia.com/advisories/42003 http://secunia.com/advisories/42867 http://www.vupen.com/english/advisories/2010/2871 http://www.vupen.com/english/advisories/2010/2837 http://www.vupen.com/english/advisories/2010/2857 http://www.vupen.com/english/advisories/2010/2864 http://www.vupen.com/english/advisories/2011/0061
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com