New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 8.9
SynopsisThe remote Debian host is missing a security-related update.
DescriptionMultiple security issues have been found in Thunderbird, which may may lead to the execution of arbitrary code or information leaks.
With this update, the Icedove packages are de-branded back to the official Mozilla branding. With the removing of the Debian branding the packages are also renamed back to the official names used by Mozilla.
The Thunderbird package is using a different default profile folder, the default profile folder is now '\$(HOME)/.thunderbird'. The users profile folder, that was used in Icedove, will get migrated to the new profile folder on the first start, that can take a little bit more time.
Please read README.Debian for getting more information about the changes.
SolutionUpgrade the icedove packages.
For the stable distribution (jessie), these problems have been fixed in version 1:45.8.0-3~deb8u1.