openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-4811)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update brings Mozilla Thunderbird to security update version
2.0.0.9

Following security problems were fixed :

- MFSA 2007-29: Crashes with evidence of memory corruption
As part of the Firefox 2.0.0.8 update releases Mozilla
developers fixed many bugs to improve the stability of
the product. Some of these crashes showed evidence of
memory corruption under certain circumstances and we
presume that with enough effort at least some of these
could be exploited to run arbitrary code.

- CVE-2007-5339 Browser crashes

- CVE-2007-5340 JavaScript engine crashes

Also enigmail was upgraded to 0.95.5.

Solution :

Update the affected MozillaThunderbird packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 29694 ()

Bugtraq ID:

CVE ID: CVE-2007-5339
CVE-2007-5340

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now