Mandriva Update For Mozilla-thunderbird MDVSA-2010:219 (mozilla-thunderbird) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A security issue was identified and fixed in mozilla-thunderbird: Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by the Belmoo malware (CVE-2010-3765). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates.

Affected

mozilla-thunderbird on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64

Severity

Classification

CVE CVE-2010-3765

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)
Mandrake Security Advisory MDVSA-2009:113 (cyrus-sasl)
Mandrake Security Advisory MDVSA-2009:062 (shadow-utils)
Mandrake Security Advisory MDVSA-2009:144 (ghostscript)
Mandrake Security Advisory MDVSA-2009:184 (apache-mod_security)

Mandriva Update for mozilla-thunderbird MDVSA-2010:219 (mozilla-thunderbird)

Take action and discover your vulnerabilities