132112 : RHSA-2008-0224: Thunderbird

Risk 5 : Red Hat Local Checks

Updated thunderbird packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Mozilla Thunderbird is a standalone mail and newsgroup client.

A flaw was found in the processing of malformed JavaScript content. An HTML mail message containing such malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-1380)

Note: JavaScript support is disabled by default in Thunderbird the above issue is not exploitable unless JavaScript is enabled.

All Thunderbird users should upgrade to these updated packages, which contain backported patches to resolve these issues.

Solution:
Get the newest RedHat Updates.
References:
CVSS Information:
Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact
Credit:
Tenable : 2009-12-04
New Search
Keywords
Risk Factor
Start Date
End Date
Browse