[FEDORA-2008-9807] Fedora 8: thunderbird
Severity
High
Affected Packages
1
CVEs
20
This update update upgrades thunderbird packages to upstream version 2.0.0.18,
which fixes multiple security issues detailed in upstream security advisories:
http://www.mozilla.org/security/known-
vulnerabilities/thunderbird20.html#thunderbird2.0.0.17
http://www.mozilla.org/security/known-
vulnerabilities/thunderbird20.html#thunderbird2.0.0.18
Package | Affected Version |
---|---|
pkg:rpm/fedora/thunderbird?distro=fedora-8 | < 2.0.0.18.1.fc8 |
- ID
- FEDORA-2008-9807
- Severity
- high
- Severity from
- CVE-2008-0016
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2008-9807
- Published
-
2008-11-21T10:57:04
(16 years ago) - Modified
-
2008-11-21T10:57:04
(16 years ago) - Rights
- Copyright 2008 Red Hat, Inc.
- Other Advisories
-
- ELSA-2008-0879
- ELSA-2008-0978
- FEDORA-2008-8399
- FEDORA-2008-8401
- FEDORA-2008-8425
- FEDORA-2008-8429
- FEDORA-2008-9667
- FEDORA-2008-9669
- FEDORA-2008-9859
- FEDORA-2008-9901
- FREEBSD:2273879E-8A2F-11DD-A6FE-0030843D3802
- FREEBSD:F29FEA8F-B19F-11DD-A55E-00163E000016
- GLSA-201301-01
- USN-645-1
- USN-645-2
- USN-647-1
- USN-667-1
- USN-668-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 470895 | Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation | https://bugzilla.redhat.com/show_bug.cgi?id=470895 |
Bugzilla | 463248 | Bug #463248 - CVE-2008-4068 Mozilla local HTML file recource: bypass | https://bugzilla.redhat.com/show_bug.cgi?id=463248 |
Bugzilla | 463182 | Bug #463182 - CVE-2008-3835 mozilla: nsXMLDocument::OnChannelRedirect() same-origin violation | https://bugzilla.redhat.com/show_bug.cgi?id=463182 |
Bugzilla | 463190 | Bug #463190 - CVE-2008-4058 Mozilla privilege escalation via XPCnativeWrapper pollution | https://bugzilla.redhat.com/show_bug.cgi?id=463190 |
Bugzilla | 470873 | Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering | https://bugzilla.redhat.com/show_bug.cgi?id=470873 |
Bugzilla | 463243 | Bug #463243 - CVE-2008-4066 Mozilla low surrogates stripped from JavaScript before execution | https://bugzilla.redhat.com/show_bug.cgi?id=463243 |
Bugzilla | 463192 | Bug #463192 - CVE-2008-4059 Mozilla privilege escalation via XPCnativeWrapper pollution | https://bugzilla.redhat.com/show_bug.cgi?id=463192 |
Bugzilla | 463201 | Bug #463201 - CVE-2008-4062 Mozilla crashes with evidence of memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=463201 |
Bugzilla | 470902 | Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace | https://bugzilla.redhat.com/show_bug.cgi?id=470902 |
Bugzilla | 470894 | Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager | https://bugzilla.redhat.com/show_bug.cgi?id=470894 |
Bugzilla | 470883 | Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=470883 |
Bugzilla | 470881 | Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=470881 |
Bugzilla | 463181 | Bug #463181 - CVE-2008-0016 Mozilla UTF-8 stack buffer overflow | https://bugzilla.redhat.com/show_bug.cgi?id=463181 |
Bugzilla | 463246 | Bug #463246 - CVE-2008-4067 Mozilla resource: traversal vulnerability | https://bugzilla.redhat.com/show_bug.cgi?id=463246 |
Bugzilla | 464041 | Bug #464041 - CVE-2008-4070 Thunderbird cancelled newsgrop messages | https://bugzilla.redhat.com/show_bug.cgi?id=464041 |
Bugzilla | 470864 | Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect | https://bugzilla.redhat.com/show_bug.cgi?id=470864 |
Bugzilla | 470884 | Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=470884 |
Bugzilla | 463234 | Bug #463234 - CVE-2008-4065 Mozilla BOM characters stripped from JavaScript before execution | https://bugzilla.redhat.com/show_bug.cgi?id=463234 |
Bugzilla | 463199 | Bug #463199 - CVE-2008-4061 Mozilla layout engine crash | https://bugzilla.redhat.com/show_bug.cgi?id=463199 |
Bugzilla | 463198 | Bug #463198 - CVE-2008-4060 Mozilla privilege escalation via XPCnativeWrapper pollution | https://bugzilla.redhat.com/show_bug.cgi?id=463198 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/thunderbird?distro=fedora-8 | fedora | thunderbird | < 2.0.0.18.1.fc8 | fedora-8 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |