rPath Security Advisory: 2008-0093-1 Published: 2008-02-29 Products: rPath Linux 1
Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: thunderbird=conary.rpath.com_at_rpl:1/2.0.0.12-0.1-1
rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-1995
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5959 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591 http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird2.0.0.12
Description: Previous versions of the thunderbird package are vulnerable to several types of attacks, some of which are understood to allow compromised or malicious sites to run arbitrary code as the user running thunderbird.
http://wiki.rpath.com/Advisories:rPSA-2008-0093
Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html Received on Feb 29 2008
