Slackware 10.2 / 11.0 / 12.0 / 12.1 / current : mozilla-thunderbird (SSA:2008-128-02)

high Nessus Plugin ID 32445

Synopsis

The remote Slackware host is missing a security update.

Description

New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues, including crashes that can corrupt memory, as well as a JavaScript privilege escalation and arbitrary code execution flaw.

Solution

Update the affected mozilla-thunderbird package.

See Also

http://www.nessus.org/u?f7275234

http://www.nessus.org/u?6e3c99dc

Plugin Details

Severity: High

ID: 32445

File Name: Slackware_SSA_2008-128-02.nasl

Version: 1.19

Type: local

Published: 5/28/2008

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:10.2, cpe:/o:slackware:slackware_linux:11.0, cpe:/o:slackware:slackware_linux:12.0, cpe:/o:slackware:slackware_linux:12.1

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Ease: No known exploits are available

Patch Publication Date: 5/7/2008

Vulnerability Publication Date: 3/27/2008

Reference Information

CVE: CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237

BID: 28448

CWE: 399, 79, 94

SSA: 2008-128-02