Slackware 10.2 / 11.0 / 12.0 / 12.1 / current : mozilla-thunderbird (SSA:2008-128-02)

High Nessus Plugin ID 32445

Synopsis

The remote Slackware host is missing a security update.

Description

New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues, including crashes that can corrupt memory, as well as a JavaScript privilege escalation and arbitrary code execution flaw.

Solution

Update the affected mozilla-thunderbird package.

See Also

http://www.nessus.org/u?f7275234

http://www.nessus.org/u?6e3c99dc

Plugin Details

Severity: High

ID: 32445

File Name: Slackware_SSA_2008-128-02.nasl

Version: 1.15

Type: local

Published: 2008/05/28

Updated: 2018/06/27

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:10.2, cpe:/o:slackware:slackware_linux:11.0, cpe:/o:slackware:slackware_linux:12.0, cpe:/o:slackware:slackware_linux:12.1

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/05/07

Reference Information

CVE: CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237

BID: 28448

SSA: 2008-128-02

CWE: 79, 94, 399