openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-192)
High Nessus Plugin ID 39892
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozilla Thunderbird was updated to 126.96.36.199.
MFSA 2008-34 / CVE-2008-2785: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caused by an insufficiently sized variable being used as a reference counter for CSS objects. By creating a very large number of references to a common CSS object, this counter could be overflowed which could cause a crash when the browser attempts to free the CSS object while still in use. An attacker could use this crash to run arbitrary code on the victim's computer
SolutionUpdate the affected MozillaThunderbird packages.