Test ID:	1.3.6.1.4.1.25623.1.0.68654
Category:	Fedora Local Security Checks
Title:	Fedora Core 13 FEDORA-2010-18778 (thunderbird)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to thunderbird announced via advisory FEDORA-2010-18778. Mozilla Thunderbird is a standalone mail and newsgroup client. Update Information: Update to new upstream Thunderbird version 3.1.7, fixing multiple security issues detailed in the upstream advisory: http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.7 References: [ 1 ] Bug #660420 - CVE-2010-3768 Mozilla add support for OTS font sanitizer (MFSA 2010-78) https://bugzilla.redhat.com/show_bug.cgi?id=660420 [ 2 ] Bug #660408 - CVE-2010-3776 Mozilla miscellaneous memory safety hazards (MFSA 2010-74) https://bugzilla.redhat.com/show_bug.cgi?id=660408 [ 3 ] Bug #660415 - CVE-2010-3777 Mozilla miscellaneous memory safety hazards (MFSA 2010-74) https://bugzilla.redhat.com/show_bug.cgi?id=660415 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update thunderbird' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-18778 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3768 BugTraq ID: 45352 http://www.securityfocus.com/bid/45352 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:251 http://www.mandriva.com/security/advisories?name=MDVSA-2010:258 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12533 http://www.redhat.com/support/errata/RHSA-2010-0966.html http://www.redhat.com/support/errata/RHSA-2010-0969.html http://www.securitytracker.com/id?1024846 http://www.securitytracker.com/id?1024848 http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 SuSE Security Announcement: SUSE-SA:2011:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://www.ubuntu.com/usn/USN-1019-1 http://www.ubuntu.com/usn/USN-1020-1 http://www.vupen.com/english/advisories/2011/0030 Common Vulnerability Exposure (CVE) ID: CVE-2010-3776 BugTraq ID: 45347 http://www.securityfocus.com/bid/45347 Debian Security Information: DSA-2132 (Google Search) http://www.debian.org/security/2010/dsa-2132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12389 http://www.redhat.com/support/errata/RHSA-2010-0967.html http://www.redhat.com/support/errata/RHSA-2010-0968.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3777 BugTraq ID: 45348 http://www.securityfocus.com/bid/45348 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12468
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.