oval:org.mitre.oval:def:14001

Definition Id: oval:org.mitre.oval:def:14001

Oval ID:	oval:org.mitre.oval:def:14001
Title:	USN-782-1 -- thunderbird vulnerabilities
Description:	Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the way Thunderbird processed malformed URI schemes. If a user were tricked into viewing a malicious website and had JavaScript and plugins enabled, a remote attacker could execute arbitrary JavaScript or steal private data. Cefn Hoile discovered Thunderbird did not adequately protect against embedded third-party stylesheets. If JavaScript were enabled, an attacker could exploit this to perform script injection attacks using XBL bindings. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Thunderbird did not properly handle error responses when connecting to a proxy server. If a user had JavaScript enabled while using Thunderbird to view websites and a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. It was discovered that Thunderbird could be made to run scripts with elevated privileges. If a user had JavaScript enabled while having certain non-default add-ons installed and were tricked into viewing a malicious website, an attacker could cause a chrome privileged object, such as the browser sidebar, to run arbitrary code via interactions with the attacker controlled website
Family:	unix	Class:	patch
Reference(s):	USN-782-1 CVE-2009-1303 CVE-2009-1305 CVE-2009-1392 CVE-2009-1833 CVE-2009-1838 CVE-2009-1306 CVE-2009-1307 CVE-2009-1309 CVE-2009-1308 CVE-2009-1836 CVE-2009-1841	Version:	5
Platform(s):	Ubuntu 8.10 Ubuntu 8.04 Ubuntu 9.04	Product(s):	thunderbird
Definition Synopsis:
Release section Ubuntu 8.10 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section mozilla-thunderbird DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1 AND mozilla-thunderbird-dev DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section thunderbird-dev DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1 AND thunderbird DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1 AND thunderbird-gnome-support DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1 OR Release section Ubuntu 8.04 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section mozilla-thunderbird DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1 AND mozilla-thunderbird-dev DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section thunderbird-dev DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1 AND thunderbird DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1 AND thunderbird-gnome-support DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1 OR Release section Ubuntu 9.04 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section mozilla-thunderbird DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1 AND mozilla-thunderbird-dev DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section thunderbird-dev DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1 AND thunderbird DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1 AND thunderbird-gnome-support DPKG is earlier than 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1

Definition Id: oval:org.mitre.oval:def:13250

Oval ID:	oval:org.mitre.oval:def:13250
Title:	Ubuntu 8.04 is installed
Description:	Ubuntu 8.04 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ubuntu:ubuntu_linux:8.04	Version:	3
Platform(s):	Ubuntu 8.04	Product(s):
Definition Synopsis:
Ubuntu 8.04 is installed
Referenced By:
oval:org.mitre.oval:def:14001

Definition Id: oval:org.mitre.oval:def:13306

Oval ID:	oval:org.mitre.oval:def:13306
Title:	Ubuntu 8.10 is installed
Description:	Ubuntu 8.10 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ubuntu:ubuntu_linux:8.10	Version:	3
Platform(s):	Ubuntu 8.10	Product(s):
Definition Synopsis:
Ubuntu 8.10 is installed
Referenced By:
oval:org.mitre.oval:def:14001

Definition Id: oval:org.mitre.oval:def:12669

Oval ID:	oval:org.mitre.oval:def:12669
Title:	Ubuntu 9.04 is installed
Description:	Ubuntu 9.04 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:canonical:ubuntu_linux:9.04	Version:	5
Platform(s):	Ubuntu 9.04	Product(s):
Definition Synopsis:
Ubuntu 9.04 is installed
Referenced By:
oval:org.mitre.oval:def:14001

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0392s

Facebook rss twitter linkedin mail