|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200605-09] Mozilla Thunderbird: Multiple vulnerabilities Vulnerability Assessment Details
|
[GLSA-200605-09] Mozilla Thunderbird: Multiple vulnerabilities |
||
Mozilla Thunderbird: Multiple vulnerabilities Detailed Explanation for this Vulnerability Assessment The remote host is affected by the vulnerability described in GLSA-200605-09 (Mozilla Thunderbird: Multiple vulnerabilities) Several vulnerabilities were found and fixed in Mozilla Thunderbird. Impact A remote attacker could craft malicious emails that would leverage these issues to inject and execute arbitrary script code with elevated rights, steal local files or other information from emails, and spoof content. Some of these vulnerabilities might even be exploited to execute arbitrary code with the rights of the user running Thunderbird. Workaround There are no known workarounds for all the issues at this time. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790 http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird Solution: All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-1.0.8" All Mozilla Thunderbird binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-bin-1.0.8" Note: There is no stable fixed version for the ALPHA architecture yet. Users of Mozilla Thunderbird on ALPHA should consider unmerging it until such a version is available. Network Security Threat Level: Medium Networks Security ID: Vulnerability Assessment Copyright: (C) 2006 Michel Arboi |
||
Cables, Connectors |
Cisco ASA5525-FTD-K9 Security Appliance with FirePower Services
$1000.00
NEW NetFu Firewall Mini, Intel CPU, 6 x Gigabit, 4gb/64gb, pfSense
$300.00
NetFu Firewall 1U, Intel CPU, 8 x Gigabit, SFP, w/ pfSense, Others, NEW OPTIONS
$642.40
Fortinet Fortigate FG-61E | Firewall Network Security Appliance
$49.99
Fortinet FortiGate 50E Firewall
$45.00
Fortinet Fortiwifi 60D FG-60D Security Appliance Firewall / VPN w/ AC Adapter
$34.97
Palo Alto PA-220 Next-Gen Firewall 520-000309-00J w/ Power adapter
$69.98
PALO ALTO PAN-PA-440 NEXT GEN FIREWALL - NEW
$725.00
pfSense firewall 2.7.2 Release 8GB Memory - Dual NIC 1 GB - 256 GB SSD
$97.77
Fortinet Fortigate FG-61E Firewall Network Security Appliance ATP Bundle 1 years
$199.00
|
||
No Discussions have been posted on this vulnerability. |