Slackware Advisory SSA:2007-324-01 Mozilla-thunderbird Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2007-324-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2007-324-01

Insight

New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Slackware is not vulnerable to either of these in its default configuration, but watch out if you've enabled JavaScript. More information about the security issues may be found here: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339

Severity

Classification

CVE CVE-2007-4841, CVE-2007-5339
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2004-043-02 XFree86 security update
Slackware Advisory SSA:2006-045-05 kdelibs
Slackware Advisory SSA:2003-260-02 Sendmail vulnerabilities fixed
Slackware Advisory SSA:2004-278-02 zlib DoS
Slackware Advisory SSA:2004-124-03 xine-lib update

Slackware Advisory SSA:2007-324-01 mozilla-thunderbird

Take action and discover your vulnerabilities