[FEDORA-2008-9807] Fedora 8: thunderbird
Severity
High
Affected Packages
1
CVEs
20
This update update upgrades thunderbird packages to upstream version 2.0.0.18,
which fixes multiple security issues detailed in upstream security advisories:
http://www.mozilla.org/security/known-
vulnerabilities/thunderbird20.html#thunderbird2.0.0.17
http://www.mozilla.org/security/known-
vulnerabilities/thunderbird20.html#thunderbird2.0.0.18
| Package | Affected Version |
|---|---|
 pkg:rpm/fedora/thunderbird?distro=fedora-8
|
< 2.0.0.18.1.fc8 |
- ID
- FEDORA-2008-9807
- Severity
- high
- Severity from
- CVE-2008-0016
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2008-9807
- Published
-
2008-11-21T10:57:04
(16 years ago) - Modified
-
2008-11-21T10:57:04
(16 years ago) - Rights
- Copyright 2008 Red Hat, Inc.
- Other Advisories
-
-
ELSA-2008-0879
-
ELSA-2008-0978
-
FEDORA-2008-8399
-
FEDORA-2008-8401
-
FEDORA-2008-8425
-
FEDORA-2008-8429
-
FEDORA-2008-9667
-
FEDORA-2008-9669
-
FEDORA-2008-9859
-
FEDORA-2008-9901
-
FREEBSD:2273879E-8A2F-11DD-A6FE-0030843D3802
-
FREEBSD:F29FEA8F-B19F-11DD-A55E-00163E000016
-
GLSA-201301-01
-
USN-645-1
-
USN-645-2
-
USN-647-1
-
USN-667-1
-
USN-668-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 470895 | Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation |
|
| Bugzilla | 463248 | Bug #463248 - CVE-2008-4068 Mozilla local HTML file recource: bypass |
|
| Bugzilla | 463182 | Bug #463182 - CVE-2008-3835 mozilla: nsXMLDocument::OnChannelRedirect() same-origin violation |
|
| Bugzilla | 463190 | Bug #463190 - CVE-2008-4058 Mozilla privilege escalation via XPCnativeWrapper pollution |
|
| Bugzilla | 470873 | Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering |
|
| Bugzilla | 463243 | Bug #463243 - CVE-2008-4066 Mozilla low surrogates stripped from JavaScript before execution |
|
| Bugzilla | 463192 | Bug #463192 - CVE-2008-4059 Mozilla privilege escalation via XPCnativeWrapper pollution |
|
| Bugzilla | 463201 | Bug #463201 - CVE-2008-4062 Mozilla crashes with evidence of memory corruption |
|
| Bugzilla | 470902 | Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace |
|
| Bugzilla | 470894 | Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager |
|
| Bugzilla | 470883 | Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption |
|
| Bugzilla | 470881 | Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption |
|
| Bugzilla | 463181 | Bug #463181 - CVE-2008-0016 Mozilla UTF-8 stack buffer overflow |
|
| Bugzilla | 463246 | Bug #463246 - CVE-2008-4067 Mozilla resource: traversal vulnerability |
|
| Bugzilla | 464041 | Bug #464041 - CVE-2008-4070 Thunderbird cancelled newsgrop messages |
|
| Bugzilla | 470864 | Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect |
|
| Bugzilla | 470884 | Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption |
|
| Bugzilla | 463234 | Bug #463234 - CVE-2008-4065 Mozilla BOM characters stripped from JavaScript before execution |
|
| Bugzilla | 463199 | Bug #463199 - CVE-2008-4061 Mozilla layout engine crash |
|
| Bugzilla | 463198 | Bug #463198 - CVE-2008-4060 Mozilla privilege escalation via XPCnativeWrapper pollution |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/fedora/thunderbird?distro=fedora-8 | fedora |
thunderbird
|
< 2.0.0.18.1.fc8 | fedora-8 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |