Slackware Advisory SSA:2007-324-01 Mozilla-thunderbird Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2007-324-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2007-324-01

Insight

New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Slackware is not vulnerable to either of these in its default configuration, but watch out if you've enabled JavaScript. More information about the security issues may be found here: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339

Severity

Classification

CVE CVE-2007-4841, CVE-2007-5339

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2004-266-03 Mozilla
Slackware Advisory SSA:2003-308-01 apache security update
Slackware Advisory SSA:2006-262-01 gzip
Slackware Advisory SSA:2004-296-01 gaim
Slackware Advisory SSA:2004-305-01 apache+mod_ssl

Slackware Advisory SSA:2007-324-01 mozilla-thunderbird

Take action and discover your vulnerabilities