rhsa-2006_0677
Vulnerability from csaf_redhat
Published
2006-09-15 06:49
Modified
2024-11-05 16:40
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
Updated thunderbird packages that fix several security bugs are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Two flaws were found in the way Thunderbird processed certain regular
expressions. A malicious HTML email could cause a crash or possibly
execute arbitrary code as the user running Thunderbird. (CVE-2006-4565,
CVE-2006-4566)
A flaw was found in the Thunderbird auto-update verification system. An
attacker who has the ability to spoof a victim's DNS could get Firefox to
download and install malicious code. In order to exploit this issue an
attacker would also need to get a victim to previously accept an
unverifiable certificate. (CVE-2006-4567)
A flaw was found in the handling of Javascript timed events. A malicious
HTML email could crash the browser or possibly execute arbitrary code as
the user running Thunderbird. (CVE-2006-4253)
Daniel Bleichenbacher recently described an implementation error in RSA
signature verification. For RSA keys with exponent 3 it is possible for an
attacker to forge a signature that which would be incorrectly verified by
the NSS library. (CVE-2006-4340)
A flaw was found in Thunderbird that triggered when a HTML message
contained a remote image pointing to a XBL script. An attacker could have
created a carefully crafted message which would execute Javascript if
certain actions were performed on the email by the recipient, even if
Javascript was disabled. (CVE-2006-4570)
A number of flaws were found in Thunderbird. A malicious HTML email could
cause a crash or possibly execute arbitrary code as the user running
Thunderbird. (CVE-2006-4571)
Users of Thunderbird are advised to upgrade to this update, which contains
Thunderbird version 1.5.0.7 that corrects these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated thunderbird packages that fix several security bugs are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nTwo flaws were found in the way Thunderbird processed certain regular\nexpressions. A malicious HTML email could cause a crash or possibly\nexecute arbitrary code as the user running Thunderbird. (CVE-2006-4565,\nCVE-2006-4566)\n\nA flaw was found in the Thunderbird auto-update verification system. An\nattacker who has the ability to spoof a victim\u0027s DNS could get Firefox to\ndownload and install malicious code. In order to exploit this issue an\nattacker would also need to get a victim to previously accept an\nunverifiable certificate. (CVE-2006-4567)\n\nA flaw was found in the handling of Javascript timed events. A malicious\nHTML email could crash the browser or possibly execute arbitrary code as\nthe user running Thunderbird. (CVE-2006-4253)\n\nDaniel Bleichenbacher recently described an implementation error in RSA\nsignature verification. For RSA keys with exponent 3 it is possible for an\nattacker to forge a signature that which would be incorrectly verified by\nthe NSS library. (CVE-2006-4340)\n\nA flaw was found in Thunderbird that triggered when a HTML message\ncontained a remote image pointing to a XBL script. An attacker could have\ncreated a carefully crafted message which would execute Javascript if\ncertain actions were performed on the email by the recipient, even if\nJavascript was disabled. (CVE-2006-4570)\n\nA number of flaws were found in Thunderbird. A malicious HTML email could\ncause a crash or possibly execute arbitrary code as the user running\nThunderbird. (CVE-2006-4571)\n\nUsers of Thunderbird are advised to upgrade to this update, which contains\nThunderbird version 1.5.0.7 that corrects these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2006:0677", "url": "https://access.redhat.com/errata/RHSA-2006:0677" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "206433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=206433" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0677.json" } ], "title": "Red Hat Security Advisory: thunderbird security update", "tracking": { "current_release_date": "2024-11-05T16:40:02+00:00", "generator": { "date": "2024-11-05T16:40:02+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2006:0677", "initial_release_date": "2006-09-15T06:49:00+00:00", "revision_history": [ { "date": "2006-09-15T06:49:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2006-09-15T00:00:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T16:40:02+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4", "product": { "name": "Red Hat Enterprise Linux AS version 4", "product_id": "4AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::as" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop version 4", "product": { "name": "Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4", "product": { "name": "Red Hat Enterprise Linux ES version 4", "product_id": "4ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4", "product": { "name": "Red Hat Enterprise Linux WS version 4", "product_id": "4WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:4::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "product": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "product_id": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.7-0.1.el4?arch=ia64" } } }, { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "product": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "product_id": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.7-0.1.el4?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "product": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "product_id": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.7-0.1.el4?arch=i386" } } }, { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.i386", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.i386", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.src", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.src", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "product": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "product_id": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.7-0.1.el4?arch=ppc" } } }, { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "product": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "product_id": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.7-0.1.el4?arch=s390x" } } }, { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "product": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "product_id": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.7-0.1.el4?arch=s390" } } }, { "category": "product_version", "name": "thunderbird-0:1.5.0.7-0.1.el4.s390", "product": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390", "product_id": "thunderbird-0:1.5.0.7-0.1.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@1.5.0.7-0.1.el4?arch=s390" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.src as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.src" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.src", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4", "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4AS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.src as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.src", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4", "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4Desktop" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.src as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.src" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.src", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4", "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4ES" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.src as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.src" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.src", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "relates_to_product_reference": "4WS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4", "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" }, "product_reference": "thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "relates_to_product_reference": "4WS" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-4253", "discovery_date": "2006-08-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618177" } ], "notes": [ { "category": "description", "text": "Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4253" }, { "category": "external", "summary": "RHBZ#1618177", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618177" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4253", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4253" } ], "release_date": "2006-08-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-4340", "discovery_date": "2006-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618183" } ], "notes": [ { "category": "description", "text": "Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4340" }, { "category": "external", "summary": "RHBZ#1618183", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618183" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4340", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4340" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4340", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4340" } ], "release_date": "2006-09-15T00:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-4565", "discovery_date": "2006-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618191" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a \"minimal quantifier.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4565" }, { "category": "external", "summary": "RHBZ#1618191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618191" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4565", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4565" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4565", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4565" } ], "release_date": "2006-09-15T00:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-4566", "discovery_date": "2006-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618192" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set (\"[\\\\\"), which leads to a buffer over-read.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4566" }, { "category": "external", "summary": "RHBZ#1618192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618192" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4566", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4566" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4566", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4566" } ], "release_date": "2006-09-15T00:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "security flaw" }, { "cve": "CVE-2006-4567", "discovery_date": "2006-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618193" } ], "notes": [ { "category": "description", "text": "Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4567" }, { "category": "external", "summary": "RHBZ#1618193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618193" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4567", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4567" } ], "release_date": "2006-09-15T00:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2006-4570", "discovery_date": "2006-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618196" } ], "notes": [ { "category": "description", "text": "Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with \"Load Images\" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4570" }, { "category": "external", "summary": "RHBZ#1618196", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618196" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4570", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4570" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4570", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4570" } ], "release_date": "2006-09-15T00:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2006-4571", "discovery_date": "2006-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "209167" } ], "notes": [ { "category": "description", "text": "Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data.", "title": "Vulnerability description" }, { "category": "summary", "text": "seamonkey \u003c 1.0.5 multiple vulnerabilities; to replace Mozilla", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2006-4571" }, { "category": "external", "summary": "RHBZ#209167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=209167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2006-4571", "url": "https://www.cve.org/CVERecord?id=CVE-2006-4571" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-4571", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4571" } ], "release_date": "2006-09-15T00:01:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2006-09-15T06:49:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "4AS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-0:1.5.0.7-0.1.el4.src", "4AS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4AS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.src", "4Desktop:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4Desktop:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-0:1.5.0.7-0.1.el4.src", "4ES:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4ES:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-0:1.5.0.7-0.1.el4.src", "4WS:thunderbird-0:1.5.0.7-0.1.el4.x86_64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.i386", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ia64", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.ppc", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.s390x", "4WS:thunderbird-debuginfo-0:1.5.0.7-0.1.el4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2006:0677" } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "seamonkey \u003c 1.0.5 multiple vulnerabilities; to replace Mozilla" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.