rhsa-2010_0154
Vulnerability from csaf_redhat
Published
2010-03-17 13:04
Modified
2024-11-22 03:23
Summary
Red Hat Security Advisory: thunderbird security update

Notes

Topic
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159) A use-after-free flaw was found in Thunderbird. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3077) A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines. An HTML mail message containing malicious JavaScript could crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-0689) A use-after-free flaw was found in Thunderbird. Under low memory conditions, viewing an HTML mail message containing malicious content could result in Thunderbird executing arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-1571) A flaw was found in the way Thunderbird created temporary file names for downloaded files. If a local attacker knows the name of a file Thunderbird is going to download, they can replace the contents of that file with arbitrary contents. (CVE-2009-3274) A flaw was found in the way Thunderbird displayed a right-to-left override character when downloading a file. In these cases, the name displayed in the title bar differed from the name displayed in the dialog body. An attacker could use this flaw to trick a user into downloading a file that has a file name or extension that is different from what the user expected. (CVE-2009-3376) A flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A malicious SOCKS5 server could send a specially-crafted reply that would cause Thunderbird to crash. (CVE-2009-2470) Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing trusted content or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2009-3076) All Thunderbird users should upgrade to this updated package, which resolves these issues. All running instances of Thunderbird must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated thunderbird package that fixes several security issues is now\navailable for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user\u0027s machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2010:0154",
        "url": "https://access.redhat.com/errata/RHSA-2010:0154"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "512128",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512128"
      },
      {
        "category": "external",
        "summary": "512131",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512131"
      },
      {
        "category": "external",
        "summary": "512136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512136"
      },
      {
        "category": "external",
        "summary": "512145",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512145"
      },
      {
        "category": "external",
        "summary": "521688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521688"
      },
      {
        "category": "external",
        "summary": "521691",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521691"
      },
      {
        "category": "external",
        "summary": "521692",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521692"
      },
      {
        "category": "external",
        "summary": "521693",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521693"
      },
      {
        "category": "external",
        "summary": "524815",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=524815"
      },
      {
        "category": "external",
        "summary": "530162",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530162"
      },
      {
        "category": "external",
        "summary": "530168",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530168"
      },
      {
        "category": "external",
        "summary": "530567",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530567"
      },
      {
        "category": "external",
        "summary": "546694",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=546694"
      },
      {
        "category": "external",
        "summary": "566047",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=566047"
      },
      {
        "category": "external",
        "summary": "566050",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=566050"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0154.json"
      }
    ],
    "title": "Red Hat Security Advisory: thunderbird security update",
    "tracking": {
      "current_release_date": "2024-11-22T03:23:17+00:00",
      "generator": {
        "date": "2024-11-22T03:23:17+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2010:0154",
      "initial_release_date": "2010-03-17T13:04:00+00:00",
      "revision_history": [
        {
          "date": "2010-03-17T13:04:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2010-03-17T09:22:56+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T03:23:17+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.ia64",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.ia64",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
                "product": {
                  "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
                  "product_id": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-25.el4?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.src",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.src",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.x86_64",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.x86_64",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
                "product": {
                  "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
                  "product_id": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-25.el4?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.i386",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.i386",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
                "product": {
                  "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
                  "product_id": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-25.el4?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.ppc",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.ppc",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
                "product": {
                  "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
                  "product_id": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-25.el4?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.s390x",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.s390x",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
                "product": {
                  "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
                  "product_id": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-25.el4?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:1.5.0.12-25.el4.s390",
                "product": {
                  "name": "thunderbird-0:1.5.0.12-25.el4.s390",
                  "product_id": "thunderbird-0:1.5.0.12-25.el4.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-25.el4?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
                "product": {
                  "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
                  "product_id": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-25.el4?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.src"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.src"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.src"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.src"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
        "relates_to_product_reference": "4WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-0689",
      "discovery_date": "2009-11-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "539784"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "array index error in dtoa implementation of many products",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-0689"
        },
        {
          "category": "external",
          "summary": "RHBZ#539784",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539784"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0689",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-0689"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0689",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0689"
        }
      ],
      "release_date": "2009-11-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "array index error in dtoa implementation of many products"
    },
    {
      "cve": "CVE-2009-1571",
      "discovery_date": "2010-02-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "566050"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla incorrectly frees used memory (MFSA 2010-03)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1571"
        },
        {
          "category": "external",
          "summary": "RHBZ#566050",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=566050"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1571"
        }
      ],
      "release_date": "2010-02-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla incorrectly frees used memory (MFSA 2010-03)"
    },
    {
      "cve": "CVE-2009-2462",
      "discovery_date": "2009-07-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "512128"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla Browser engine crashes",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2462"
        },
        {
          "category": "external",
          "summary": "RHBZ#512128",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512128"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2462",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2462"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2462",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2462"
        }
      ],
      "release_date": "2009-07-21T23:56:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla Browser engine crashes"
    },
    {
      "cve": "CVE-2009-2463",
      "discovery_date": "2009-07-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "512131"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger buffer overflows.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla Base64 decoding crash",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2463"
        },
        {
          "category": "external",
          "summary": "RHBZ#512131",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512131"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2463",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2463"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2463",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2463"
        }
      ],
      "release_date": "2009-07-21T23:56:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla Base64 decoding crash"
    },
    {
      "cve": "CVE-2009-2466",
      "discovery_date": "2009-07-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "512136"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla JavaScript engine crashes",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2466"
        },
        {
          "category": "external",
          "summary": "RHBZ#512136",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512136"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2466",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2466"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2466",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2466"
        }
      ],
      "release_date": "2009-07-21T23:56:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla JavaScript engine crashes"
    },
    {
      "cve": "CVE-2009-2470",
      "discovery_date": "2009-07-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "512145"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla data corruption with SOCKS5 reply",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2470"
        },
        {
          "category": "external",
          "summary": "RHBZ#512145",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512145"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2470",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2470"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2470",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2470"
        }
      ],
      "release_date": "2009-07-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "Mozilla data corruption with SOCKS5 reply"
    },
    {
      "cve": "CVE-2009-3072",
      "discovery_date": "2009-09-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "521688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox 3.5.3 3.0.14 browser engine crashes",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3072"
        },
        {
          "category": "external",
          "summary": "RHBZ#521688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3072",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3072"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3072",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3072"
        }
      ],
      "release_date": "2009-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Firefox 3.5.3 3.0.14 browser engine crashes"
    },
    {
      "cve": "CVE-2009-3075",
      "discovery_date": "2009-09-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "521691"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox 3.5.2 3.0.14 JavaScript engine crashes",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3075"
        },
        {
          "category": "external",
          "summary": "RHBZ#521691",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521691"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3075",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3075"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3075",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3075"
        }
      ],
      "release_date": "2009-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Firefox 3.5.2 3.0.14 JavaScript engine crashes"
    },
    {
      "cve": "CVE-2009-3076",
      "discovery_date": "2009-09-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "521692"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox 3.0.14 Insufficient warning for PKCS11 module installation and removal",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3076"
        },
        {
          "category": "external",
          "summary": "RHBZ#521692",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521692"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3076",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3076"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3076",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3076"
        }
      ],
      "release_date": "2009-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Firefox 3.0.14 Insufficient warning for PKCS11 module installation and removal"
    },
    {
      "cve": "CVE-2009-3077",
      "discovery_date": "2009-09-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "521693"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a \"dangling pointer vulnerability.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3077"
        },
        {
          "category": "external",
          "summary": "RHBZ#521693",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521693"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3077",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3077"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3077",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3077"
        }
      ],
      "release_date": "2009-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability"
    },
    {
      "cve": "CVE-2009-3274",
      "discovery_date": "2009-09-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "524815"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox: Predictable /tmp pathname use",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3274"
        },
        {
          "category": "external",
          "summary": "RHBZ#524815",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=524815"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3274",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3274"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3274",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3274"
        }
      ],
      "release_date": "2009-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Firefox: Predictable /tmp pathname use"
    },
    {
      "cve": "CVE-2009-3376",
      "discovery_date": "2009-10-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "530168"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox download filename spoofing with RTL override",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3376"
        },
        {
          "category": "external",
          "summary": "RHBZ#530168",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530168"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3376",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3376"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3376",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3376"
        }
      ],
      "release_date": "2009-10-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "Firefox download filename spoofing with RTL override"
    },
    {
      "cve": "CVE-2009-3380",
      "discovery_date": "2009-10-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "530567"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox crashes with evidence of memory corruption",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3380"
        },
        {
          "category": "external",
          "summary": "RHBZ#530567",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530567"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3380",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3380"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3380",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3380"
        }
      ],
      "release_date": "2009-10-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Firefox crashes with evidence of memory corruption"
    },
    {
      "cve": "CVE-2009-3384",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2009-10-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "530164"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Firefox integer underflow in FTP directory list parser",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3384"
        },
        {
          "category": "external",
          "summary": "RHBZ#530164",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530164"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3384",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3384"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3384",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3384"
        }
      ],
      "release_date": "2009-10-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Firefox integer underflow in FTP directory list parser"
    },
    {
      "cve": "CVE-2009-3979",
      "discovery_date": "2009-12-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "546694"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla crash with evidence of memory corruption",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-3979"
        },
        {
          "category": "external",
          "summary": "RHBZ#546694",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=546694"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3979",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-3979"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3979",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3979"
        }
      ],
      "release_date": "2009-12-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla crash with evidence of memory corruption"
    },
    {
      "cve": "CVE-2010-0159",
      "discovery_date": "2010-02-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "566047"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla crashes with evidence of memory corruption (MFSA 2010-01)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-0159"
        },
        {
          "category": "external",
          "summary": "RHBZ#566047",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=566047"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-0159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-0159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0159"
        }
      ],
      "release_date": "2010-02-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla crashes with evidence of memory corruption (MFSA 2010-01)"
    },
    {
      "cve": "CVE-2010-0163",
      "discovery_date": "2010-03-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "576391"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "seamonkey/thunderbird: crash when indexing certain messages with attachments",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-0163"
        },
        {
          "category": "external",
          "summary": "RHBZ#576391",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=576391"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-0163",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-0163"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0163",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0163"
        }
      ],
      "release_date": "2010-03-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "seamonkey/thunderbird: crash when indexing certain messages with attachments"
    },
    {
      "cve": "CVE-2010-0169",
      "discovery_date": "2010-03-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "576694"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser\u0027s font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-0169"
        },
        {
          "category": "external",
          "summary": "RHBZ#576694",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=576694"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-0169",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-0169"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0169",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0169"
        }
      ],
      "release_date": "2010-03-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)"
    },
    {
      "cve": "CVE-2010-0171",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2010-03-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "576696"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "firefox/thunderbird/seamonkey: XSS using addEventListener and setTimeout on a wrapped object (MFSA 2010-12)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-0:1.5.0.12-25.el4.src",
          "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
          "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-0:1.5.0.12-25.el4.src",
          "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-0:1.5.0.12-25.el4.src",
          "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
          "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-0171"
        },
        {
          "category": "external",
          "summary": "RHBZ#576696",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=576696"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-0171",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-0171"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-0171",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0171"
        }
      ],
      "release_date": "2010-03-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-03-17T13:04:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0154"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-0:1.5.0.12-25.el4.src",
            "4AS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4AS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.src",
            "4Desktop:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4Desktop:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-0:1.5.0.12-25.el4.src",
            "4ES:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4ES:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-0:1.5.0.12-25.el4.src",
            "4WS:thunderbird-0:1.5.0.12-25.el4.x86_64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.i386",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ia64",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.ppc",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.s390x",
            "4WS:thunderbird-debuginfo-0:1.5.0.12-25.el4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "firefox/thunderbird/seamonkey: XSS using addEventListener and setTimeout on a wrapped object (MFSA 2010-12)"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.