New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 6.7
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA number of vulnerabilities have been discovered in the Mozilla Thunderbird email client that could allow a remote attacker to craft malicious web emails that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, or other information. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the program.
As well, two crasher bugs have been fixed as well.
The updated packages have been patched to fix these problems.
SolutionUpdate the affected mozilla-thunderbird, mozilla-thunderbird-enigmail and / or mozilla-thunderbird-enigmime packages.