[FEDORA-2007-550] Fedora 6: thunderbird
Updated thunderbird packages that fix several security bugs
are now available for Fedora Core.
This update has been rated as having critical security
impact by the Fedora Security Response Team.
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the way Thunderbird processed
certain malformed JavaScript code. A web page containing
malicious JavaScript code could cause Thunderbird to crash
or potentially execute arbitrary code as the user running
Thunderbird. (CVE-2007-2867, CVE-2007-2868)
Several denial of service flaws were found in the way
Thunderbird handled certain form and cookie data. A
malicious web site that is able to set arbitrary form and
cookie data could prevent Thunderbird from functioning
properly. (CVE-2007-1362, CVE-2007-2869)
A flaw was found in the way Thunderbird processed certain
APOP authentication requests. By sending certain responses
when Thunderbird attempted to authenticate against an APOP
server, a remote attacker could potentially acquire certain
portions of a user's authentication credentials. (CVE-2007-1558)
A flaw was found in the way Thunderbird displayed certain
web content. A malicious web page could generate content
which could overlay user interface elements such as the
hostname and security indicators, tricking users into
thinking they are visiting a different site. (CVE-2007-2871)
Users of Thunderbird are advised to apply this update, which
contains Thunderbird version 1.5.0.12 that corrects these
issues.
| Package | Affected Version |
|---|---|
 pkg:rpm/fedora/thunderbird?distro=fedora-6
|
< 1.5.0.12.1.fc6 |
- ID
- FEDORA-2007-550
- Severity
- high
- Severity from
- CVE-2007-2867
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2007-550
- Published
-
2007-05-31T13:03:59
(17 years ago) - Modified
-
2007-05-31T13:03:59
(17 years ago) - Rights
- Copyright 2007 Red Hat, Inc.
- Other Advisories
-
-
ELSA-2007-0344
-
ELSA-2007-0385
-
ELSA-2007-0386
-
ELSA-2007-0400
-
ELSA-2009-1140
-
FEDORA-2007-0001
-
FEDORA-2007-0544
-
FEDORA-2007-1447
-
FEDORA-2007-539
-
FEDORA-2007-540
-
FEDORA-2007-549
-
FEDORA-2007-551
-
FEDORA-2007-552
-
FEDORA-2007-554
-
FREEBSD:C389D06D-EE57-11DB-BD51-0016179B2DD5
-
FREEBSD:F1C4D133-E6D3-11DB-99EA-0060084A00E5
-
GLSA-200706-06
-
USN-468-1
-
USN-469-1
-
USN-520-1
-
VU:609956
-
VU:751636
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/fedora/thunderbird?distro=fedora-6 | fedora |
thunderbird
|
< 1.5.0.12.1.fc6 | fedora-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |