SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis patch backports security fixes found in MozillaThunderbird 18.104.22.168 back to the 1.5 Thunderbird used in openSUSE 10.2.
MFSA 2008-34 / CVE-2008-2785: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caused by an insufficiently sized variable being used as a reference counter for CSS objects. By creating a very large number of references to a common CSS object, this counter could be overflowed which could cause a crash when the browser attempts to free the CSS object while still in use. An attacker could use this crash to run arbitrary code on the victim's computer
SolutionUpdate the affected MozillaThunderbird packages.