Summary
The host is installed with Thunderbird and is prone to Remote Code Execution vulnerabilities.
Impact
Successful exploitation could allow remote attacker to execute arbitrary code, memory corruption, and results in Denial of Service condition.
Impact Level:System/Application
Solution
Upgrade to Mozilla Thunderbird version 3 or later, For updates refer to http://www.mozilla.com/
Insight
The flaws are due to error in browser engine which can be exlpoited via some of the known vectors and unspecified vectors.
Affected
Mozilla Thunderbird version 2.0.0.22 and prior on Linux.
References
Severity
Classification
-
CVE CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Windows)
- CesarFTP MKD Command Buffer Overflow
- EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability
- freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
- Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability