Gentoo Security Advisory GLSA 200703-18 (mozilla-thunderbird) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200703-18.

Solution

All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-1.5.0.10' All Mozilla Thunderbird binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-1.5.0.10' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-18 http://bugs.gentoo.org/show_bug.cgi?id=165555

Insight

Multiple vulnerabilities have been reported in Mozilla Thunderbird, some of which may allow user-assisted arbitrary remote code execution.

Severity

Classification

CVE CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-1282

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200405-22 (Apache)
Gentoo Security Advisory GLSA 200406-02 (tripwire)
Gentoo Security Advisory GLSA 200403-01 (libxml)
Gentoo Security Advisory GLSA 200405-02 (lha)
Gentoo Security Advisory GLSA 200409-09 (mit-krb5)

Take action and discover your vulnerabilities