The remote Ubuntu host is missing one or more security-related patches.
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
is disabled by default for emails, and it is not recommended to enable
it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805,
CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810,
A buffer overflow has been discovered in the handling of .vcard files.
By tricking a user into importing a malicious vcard into his contacts,
this could be exploited to execute arbitrary code with the user's
The 'enigmail' plugin has been updated to work with the new
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0