New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 6.6
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozilla Thunderbird was updated to the 184.108.40.206 security release. It fixes various bugs and security issues :
- MFSA-2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304 CVE-2009-1305 Crashes with evidence of memory corruption (rv:220.127.116.11)
- MFSA 2009-17/CVE-2009-1307 (bmo#481342) Same-origin violations when Adobe Flash loaded via view-source:
- MFSA 2009-24/CVE-2009-1392/CVE-2009-1832/CVE-2009-1833 Crashes with evidence of memory corruption (rv:18.104.22.168)
- MFSA 2009-27/CVE-2009-1836 (bmo#479880) SSL tampering via non-200 responses to proxy CONNECT requests
- MFSA 2009-29/CVE-2009-1838 (bmo#489131) Arbitrary code execution using event listeners attached to an element whose owner document is null
- MFSA 2009-33 (bmo#495057) Crash viewing multipart/alternative message with text/enhanced part
SolutionUpdate the affected MozillaThunderbird packages.