Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Mozilla Thunderbird Code Execution Vulnerabilities

Title : Fedora Security Update Fixes Mozilla Thunderbird Code Execution Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-4407
CVE ID : CVE-2006-5462 - CVE-2006-5463 - CVE-2006-5464 - CVE-2006-5747 - CVE-2006-5748
Rated as : Critical 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-11-09

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Fedora has released updated packages to address multiple vulnerabilities identified in Mozilla Thunderbird. These flaws could be exploited by remote attackers to execute arbitrary commands or bypass security restrictions. For additional information, see : VUPEN/ADV-2006-4387

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

99cfea6a0cb772826352ca64e5494fbe558e2fbe SRPMS/thunderbird-1.5.0.8-1.fc6.src.rpm
99cfea6a0cb772826352ca64e5494fbe558e2fbe noarch/thunderbird-1.5.0.8-1.fc6.src.rpm
6634175354dc930e6c25e03faab67a8f1cd4ba82 ppc/thunderbird-1.5.0.8-1.fc6.ppc.rpm
ed3990bd5dff7ab159b903c37c332748f18e3fe6 ppc/debug/thunderbird-debuginfo-1.5.0.8-1.fc6.ppc.rpm
6f5c7c63f2c7cd41b0e4a7b9f7f365c0026d7a01 x86_64/thunderbird-1.5.0.8-1.fc6.x86_64.rpm
aba3c37643076fb372349d6adc9be0e64d11bb73 x86_64/debug/thunderbird-debuginfo-1.5.0.8-1.fc6.x86_64.rpm
acda34272c98b0100e370c63c426040da18728e1 i386/thunderbird-1.5.0.8-1.fc6.i386.rpm
45f0fa39c006fffb23723810af2d8998dc3e8586 i386/debug/thunderbird-debuginfo-1.5.0.8-1.fc6.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

f9a1980078e7ae391d679c32a2135ec242476498 SRPMS/thunderbird-1.5.0.8-1.fc5.src.rpm
f9a1980078e7ae391d679c32a2135ec242476498 noarch/thunderbird-1.5.0.8-1.fc5.src.rpm
17ba711eb6da49e8d30a3455160c4f1d2cf97cc0 ppc/debug/thunderbird-debuginfo-1.5.0.8-1.fc5.ppc.rpm
796694e20da80b473192e4f44a92149e4d9e2f27 ppc/thunderbird-1.5.0.8-1.fc5.ppc.rpm
cea6166201546bc63c3d9803f29ce595ab89257a x86_64/debug/thunderbird-debuginfo-1.5.0.8-1.fc5.x86_64.rpm
9fa6c7b48a004be10dbe3feebf0dbc473a4b6399 x86_64/thunderbird-1.5.0.8-1.fc5.x86_64.rpm
0276bb779a4fcdee5557e9e82d861e805f039065 i386/thunderbird-1.5.0.8-1.fc5.i386.rpm
5e8e4c41f1fff96e26e857848bfa97e542541f6f i386/debug/thunderbird-debuginfo-1.5.0.8-1.fc5.i386.rpm

References

http://www.vupen.com/english/advisories/2006/4407
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00054.html
https://www.redhat.com/archives/fedora-package-announce/2006-November/msg00056.html

ChangeLog

2006-11-09 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy