Otkriveno je nekoliko sigurnosnih propusta u paketu Mozilla Thunderbird, a mogu se iskoristiti za udaljeno izvođenje Dos napada i pokretanje proizvoljnog programskog koda.
Secunia Advisory SA46035
Oracle Solaris Mozilla Thunderbird Multiple Vulnerabilities
Release Date 2011-09-16
Criticality level Highly criticalHighly critical
Impact System access
Where From remote
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Vendor Patch
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Operating System
Oracle Solaris 11 Express
Sun Solaris 10.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2011-0069 CVSS available in Customer Area
CVE-2011-0070 CVSS available in Customer Area
CVE-2011-0072 CVSS available in Customer Area
CVE-2011-0074 CVSS available in Customer Area
CVE-2011-0077 CVSS available in Customer Area
CVE-2011-0078 CVSS available in Customer Area
CVE-2011-0080 CVSS available in Customer Area
CVE-2011-0081 CVSS available in Customer Area
Description
Oracle has acknowledged multiple vulnerabilities in Mozilla Thunderbird included in Solaris, which can be exploited by malicious people to compromise a user's system.
For more information:
SA44407
Solution
Apply patches.
Further details available in Customer Area
Original Advisory
http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird
Other references
Further details available in Customer Area
Posljednje sigurnosne preporuke