openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5599)

This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

Mozilla Thunderbird was updated to

MFSA 2008-34 / CVE-2008-2785: An anonymous researcher, via
TippingPoint's Zero Day Initiative program, reported a vulnerability
in Mozilla CSS reference counting code. The vulnerability was caused
by an insufficiently sized variable being used as a reference counter
for CSS objects. By creating a very large number of references to a
common CSS object, this counter could be overflowed which could cause
a crash when the browser attempts to free the CSS object while still
in use. An attacker could use this crash to run arbitrary code on the
victim's computer

Solution :

Update the affected MozillaThunderbird packages.

Risk factor :

High / CVSS Base Score : 9.3

Family: SuSE Local Security Checks

Nessus Plugin ID: 34198 ()

Bugtraq ID:

CVE ID: CVE-2008-2785

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now