rhsa-2007_0078
Vulnerability from csaf_redhat
Published
2007-03-02 18:27
Modified
2024-09-15 16:35
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
Updated thunderbird packages that fix several security bugs are now
available for Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
[Updated 06 March 2007]
Updated text description to add CVE-2007-1282 and remove CVE-2007-0994,
which was mistakenly listed as affecting Thunderbird. No changes have been
made to these erratum packages.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the way Thunderbird processed certain malformed
JavaScript code. A malicious HTML mail message could execute JavaScript
code in such a way that may result in Thunderbird crashing or executing
arbitrary code as the user running Thunderbird. JavaScript support is
disabled by default in Thunderbird; these issues are not exploitable unless
the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092)
A flaw was found in the way Thunderbird processed text/enhanced and
text/richtext formatted mail message. A specially crafted mail message
could execute arbitrary code with the privileges of the user running
Thunderbird. (CVE-2007-1282)
Several cross-site scripting (XSS) flaws were found in the way Thunderbird
processed certain malformed HTML mail messages. A malicious HTML mail
message could display misleading information which may result in a user
unknowingly divulging sensitive information such as a password.
(CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)
A flaw was found in the way Thunderbird cached web content on the local
disk. A malicious HTML mail message may be able to inject arbitrary HTML
into a browsing session if the user reloads a targeted site. (CVE-2007-0778)
A flaw was found in the way Thunderbird displayed certain web content. A
malicious HTML mail message could generate content which could overlay user
interface elements such as the hostname and security indicators, tricking a
user into thinking they are visiting a different site. (CVE-2007-0779)
Two flaws were found in the way Thunderbird displayed blocked popup
windows. If a user can be convinced to open a blocked popup, it is possible
to read arbitrary local files, or conduct an XSS attack against the user.
(CVE-2007-0780, CVE-2007-0800)
Two buffer overflow flaws were found in the Network Security Services (NSS)
code for processing the SSLv2 protocol. Connecting to a malicious secure
web server could cause the execution of arbitrary code as the user running
Thunderbird. (CVE-2007-0008, CVE-2007-0009)
A flaw was found in the way Thunderbird handled the "location.hostname"
value during certain browser domain checks. This flaw could allow a
malicious HTML mail message to set domain cookies for an arbitrary site, or
possibly perform an XSS attack. (CVE-2007-0981)
Users of Thunderbird are advised to apply this update, which contains
Thunderbird version 1.5.0.10 that corrects these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated thunderbird packages that fix several security bugs are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.\n\n[Updated 06 March 2007]\nUpdated text description to add CVE-2007-1282 and remove CVE-2007-0994,\nwhich was mistakenly listed as affecting Thunderbird. No changes have been\nmade to these erratum packages.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the way Thunderbird processed certain malformed\nJavaScript code. A malicious HTML mail message could execute JavaScript\ncode in such a way that may result in Thunderbird crashing or executing\narbitrary code as the user running Thunderbird. JavaScript support is\ndisabled by default in Thunderbird; these issues are not exploitable unless\nthe user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092)\n\nA flaw was found in the way Thunderbird processed text/enhanced and\ntext/richtext formatted mail message. A specially crafted mail message\ncould execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2007-1282)\n\nSeveral cross-site scripting (XSS) flaws were found in the way Thunderbird\nprocessed certain malformed HTML mail messages. A malicious HTML mail\nmessage could display misleading information which may result in a user\nunknowingly divulging sensitive information such as a password.\n(CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)\n\nA flaw was found in the way Thunderbird cached web content on the local\ndisk. A malicious HTML mail message may be able to inject arbitrary HTML\ninto a browsing session if the user reloads a targeted site. (CVE-2007-0778)\n\nA flaw was found in the way Thunderbird displayed certain web content. A\nmalicious HTML mail message could generate content which could overlay user\ninterface elements such as the hostname and security indicators, tricking a\nuser into thinking they are visiting a different site. (CVE-2007-0779)\n\nTwo flaws were found in the way Thunderbird displayed blocked popup\nwindows. If a user can be convinced to open a blocked popup, it is possible\nto read arbitrary local files, or conduct an XSS attack against the user.\n(CVE-2007-0780, CVE-2007-0800)\n\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\nweb server could cause the execution of arbitrary code as the user running\nThunderbird. (CVE-2007-0008, CVE-2007-0009)\n\nA flaw was found in the way Thunderbird handled the \"location.hostname\"\nvalue during certain browser domain checks. This flaw could allow a\nmalicious HTML mail message to set domain cookies for an arbitrary site, or\npossibly perform an XSS attack. (CVE-2007-0981)\n\nUsers of Thunderbird are advised to apply this update, which contains\nThunderbird version 1.5.0.10 that corrects these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0078",
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "166574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=166574"
},
{
"category": "external",
"summary": "204453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=204453"
},
{
"category": "external",
"summary": "230542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=230542"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2007/rhsa-2007_0078.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2024-09-15T16:35:14+00:00",
"generator": {
"date": "2024-09-15T16:35:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2007:0078",
"initial_release_date": "2007-03-02T18:27:00+00:00",
"revision_history": [
{
"date": "2007-03-02T18:27:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-03-06T18:03:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-15T16:35:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"product_id": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.10-0.1.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.src",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.src",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"product_id": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.10-0.1.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"product_id": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.10-0.1.el4?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"product_id": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.10-0.1.el4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"product_id": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.10-0.1.el4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"product": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"product_id": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.10-0.1.el4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"product_id": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.10-0.1.el4?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-6077",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618236"
}
],
"notes": [
{
"category": "description",
"text": "The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-6077"
},
{
"category": "external",
"summary": "RHBZ#1618236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-6077",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-6077"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-6077",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-6077"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0008",
"discovery_date": "2006-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "565576"
}
],
"notes": [
{
"category": "description",
"text": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NSS: SSLv2 protocol buffer overflows",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0008"
},
{
"category": "external",
"summary": "RHBZ#565576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=565576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0008",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0008"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0008",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0008"
}
],
"release_date": "2007-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "NSS: SSLv2 protocol buffer overflows"
},
{
"cve": "CVE-2007-0009",
"discovery_date": "2006-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "565576"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid \"Client Master Key\" length values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NSS: SSLv2 protocol buffer overflows",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0009"
},
{
"category": "external",
"summary": "RHBZ#565576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=565576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0009"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0009",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0009"
}
],
"release_date": "2007-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "NSS: SSLv2 protocol buffer overflows"
},
{
"cve": "CVE-2007-0775",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618273"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0775"
},
{
"category": "external",
"summary": "RHBZ#1618273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0775",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0775"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0777",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618275"
}
],
"notes": [
{
"category": "description",
"text": "The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0777"
},
{
"category": "external",
"summary": "RHBZ#1618275",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618275"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0777"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0778",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618276"
}
],
"notes": [
{
"category": "description",
"text": "The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0778"
},
{
"category": "external",
"summary": "RHBZ#1618276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0778"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0779",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618277"
}
],
"notes": [
{
"category": "description",
"text": "GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0779"
},
{
"category": "external",
"summary": "RHBZ#1618277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0779",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0779"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0780",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618278"
}
],
"notes": [
{
"category": "description",
"text": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0780"
},
{
"category": "external",
"summary": "RHBZ#1618278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0780",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0780"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0780",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0780"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0800",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618279"
}
],
"notes": [
{
"category": "description",
"text": "Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0800"
},
{
"category": "external",
"summary": "RHBZ#1618279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618279"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0800"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0981",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "229253"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": ": seamonkey cookie setting / same-domain bypass vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0981"
},
{
"category": "external",
"summary": "RHBZ#229253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0981",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0981"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": ": seamonkey cookie setting / same-domain bypass vulnerability"
},
{
"cve": "CVE-2007-0995",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618287"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0995"
},
{
"category": "external",
"summary": "RHBZ#1618287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618287"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0995"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0995",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0995"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-0996",
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618288"
}
],
"notes": [
{
"category": "description",
"text": "The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-0996"
},
{
"category": "external",
"summary": "RHBZ#1618288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0996"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-1092",
"discovery_date": "2007-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618293"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-1092"
},
{
"category": "external",
"summary": "RHBZ#1618293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-1092",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1092"
}
],
"release_date": "2007-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2007-1282",
"discovery_date": "2007-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618295"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2007-1282"
},
{
"category": "external",
"summary": "RHBZ#1618295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2007-1282",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1282"
}
],
"release_date": "2007-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4AS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.src",
"4Desktop:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.src",
"4ES:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.src",
"4WS:thunderbird-0:1.5.0.10-0.1.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.10-0.1.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0078"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
}
]
}
Loading...