RHSA-2008_0976
Vulnerability from csaf_redhat - Published: 2008-11-20 01:07 - Updated: 2024-11-22 02:22Summary
Red Hat Security Advisory: thunderbird security update
Severity
Moderate
Notes
Topic: Updated thunderbird packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details: Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the processing of malformed HTML mail content.
An HTML mail message containing malicious content could cause Thunderbird
to crash or, potentially, execute arbitrary code as the user running
Thunderbird. (CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018,
CVE-2008-5021)
Several flaws were found in the way malformed HTML mail content was
processed. An HTML mail message containing specially-crafted content could
potentially trick a Thunderbird user into surrendering sensitive
information. (CVE-2008-5012, CVE-2008-5022, CVE-2008-5024)
All Thunderbird users should upgrade to these updated packages, which
resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying the window.__proto__.__proto__ object in a way that causes a lock on a non-native object, which triggers an assertion failure related to the OBJ_IS_NATIVE function.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0976
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated thunderbird packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018,\nCVE-2008-5021)\n\nSeveral flaws were found in the way malformed HTML mail content was\nprocessed. An HTML mail message containing specially-crafted content could\npotentially trick a Thunderbird user into surrendering sensitive\ninformation. (CVE-2008-5012, CVE-2008-5022, CVE-2008-5024)\n\nAll Thunderbird users should upgrade to these updated packages, which\nresolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0976",
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
},
{
"category": "external",
"summary": "470864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470864"
},
{
"category": "external",
"summary": "470873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470873"
},
{
"category": "external",
"summary": "470881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470881"
},
{
"category": "external",
"summary": "470883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470883"
},
{
"category": "external",
"summary": "470884",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470884"
},
{
"category": "external",
"summary": "470894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470894"
},
{
"category": "external",
"summary": "470895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470895"
},
{
"category": "external",
"summary": "470902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470902"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0976.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2024-11-22T02:22:11+00:00",
"generator": {
"date": "2024-11-22T02:22:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0976",
"initial_release_date": "2008-11-20T01:07:00+00:00",
"revision_history": [
{
"date": "2008-11-20T01:07:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-11-19T20:09:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T02:22:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_productivity:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.ia64",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.ia64",
"product_id": "thunderbird-0:1.5.0.12-17.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-17.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.src",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.src",
"product_id": "thunderbird-0:1.5.0.12-17.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:2.0.0.18-1.el5.src",
"product": {
"name": "thunderbird-0:2.0.0.18-1.el5.src",
"product_id": "thunderbird-0:2.0.0.18-1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@2.0.0.18-1.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"product_id": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-17.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:2.0.0.18-1.el5.x86_64",
"product": {
"name": "thunderbird-0:2.0.0.18-1.el5.x86_64",
"product_id": "thunderbird-0:2.0.0.18-1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@2.0.0.18-1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"product_id": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@2.0.0.18-1.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.i386",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.i386",
"product_id": "thunderbird-0:1.5.0.12-17.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-17.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:2.0.0.18-1.el5.i386",
"product": {
"name": "thunderbird-0:2.0.0.18-1.el5.i386",
"product_id": "thunderbird-0:2.0.0.18-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@2.0.0.18-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"product": {
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"product_id": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@2.0.0.18-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.ppc",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.ppc",
"product_id": "thunderbird-0:1.5.0.12-17.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-17.el4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.s390x",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390x",
"product_id": "thunderbird-0:1.5.0.12-17.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-17.el4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-17.el4.s390",
"product": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390",
"product_id": "thunderbird-0:1.5.0.12-17.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-17.el4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-17.el4?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.18-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-0:2.0.0.18-1.el5.i386"
},
"product_reference": "thunderbird-0:2.0.0.18-1.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.18-1.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-0:2.0.0.18-1.el5.src"
},
"product_reference": "thunderbird-0:2.0.0.18-1.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.18-1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-0:2.0.0.18-1.el5.x86_64"
},
"product_reference": "thunderbird-0:2.0.0.18-1.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.18-1.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386"
},
"product_reference": "thunderbird-0:2.0.0.18-1.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.18-1.el5.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src"
},
"product_reference": "thunderbird-0:2.0.0.18-1.el5.src",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.18-1.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64"
},
"product_reference": "thunderbird-0:2.0.0.18-1.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5012",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470864"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla Image stealing via canvas and HTTP redirect",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5012"
},
{
"category": "external",
"summary": "RHBZ#470864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470864"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5012",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5012"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5012",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5012"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mozilla Image stealing via canvas and HTTP redirect"
},
{
"cve": "CVE-2008-5014",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470873"
}
],
"notes": [
{
"category": "description",
"text": "jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying the window.__proto__.__proto__ object in a way that causes a lock on a non-native object, which triggers an assertion failure related to the OBJ_IS_NATIVE function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla crash and remote code execution via __proto__ tampering",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5014"
},
{
"category": "external",
"summary": "RHBZ#470873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470873"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5014",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5014"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5014",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5014"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla crash and remote code execution via __proto__ tampering"
},
{
"cve": "CVE-2008-5016",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470881"
}
],
"notes": [
{
"category": "description",
"text": "The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla crash with evidence of memory corruption",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5016"
},
{
"category": "external",
"summary": "RHBZ#470881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5016",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5016"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5016",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5016"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla crash with evidence of memory corruption"
},
{
"cve": "CVE-2008-5017",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470883"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla crash with evidence of memory corruption",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5017"
},
{
"category": "external",
"summary": "RHBZ#470883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470883"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5017",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5017"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5017",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5017"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla crash with evidence of memory corruption"
},
{
"cve": "CVE-2008-5018",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470884"
}
],
"notes": [
{
"category": "description",
"text": "The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to \"insufficient class checking\" in the Date class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla crash with evidence of memory corruption",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5018"
},
{
"category": "external",
"summary": "RHBZ#470884",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470884"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5018",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5018"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla crash with evidence of memory corruption"
},
{
"cve": "CVE-2008-5021",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470894"
}
],
"notes": [
{
"category": "description",
"text": "nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla crash and remote code execution in nsFrameManager",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5021"
},
{
"category": "external",
"summary": "RHBZ#470894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470894"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5021",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5021"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Mozilla crash and remote code execution in nsFrameManager"
},
{
"cve": "CVE-2008-5022",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470895"
}
],
"notes": [
{
"category": "description",
"text": "The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nsXMLHttpRequest:: NotifyEventListeners() same-origin violation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5022"
},
{
"category": "external",
"summary": "RHBZ#470895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470895"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5022",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5022"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nsXMLHttpRequest:: NotifyEventListeners() same-origin violation"
},
{
"cve": "CVE-2008-5024",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "470902"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla parsing error in E4X default namespace",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5024"
},
{
"category": "external",
"summary": "RHBZ#470902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=470902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5024",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5024"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5024",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5024"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla parsing error in E4X default namespace"
},
{
"cve": "CVE-2008-5052",
"discovery_date": "2008-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618336"
}
],
"notes": [
{
"category": "description",
"text": "The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5052"
},
{
"category": "external",
"summary": "RHBZ#1618336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5052",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5052"
}
],
"release_date": "2008-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-11-20T01:07:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188\n",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-17.el4.src",
"4AS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-17.el4.src",
"4ES:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-17.el4.src",
"4WS:thunderbird-0:1.5.0.12-17.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-17.el4.x86_64",
"5Client:thunderbird-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-0:2.0.0.18-1.el5.src",
"5Client:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.src",
"5Server-DPAS:thunderbird-0:2.0.0.18-1.el5.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.18-1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0976"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…