ID de Prueba:	1.3.6.1.4.1.25623.1.0.66973
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:051 (mozilla-thunderbird)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to mozilla-thunderbird announced via advisory MDVSA-2010:051. A vulnerabilitiy has been found and corrected in mozilla-thunderbird: Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called (CVE-2009-1571). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Affected: 2008.0, 2009.1, 2010.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:051 http://www.mozilla.org/security/announce/2010/mfsa2010-03.html Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1571 Bugtraq: 20100218 Secunia Research: Mozilla Firefox Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/509585/100/0/threaded Debian Security Information: DSA-1999 (Google Search) http://www.debian.org/security/2010/dsa-1999 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:042 http://www.mandriva.com/security/advisories?name=MDVSA-2010:051 http://secunia.com/secunia_research/2009-45/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11227 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8615 http://www.redhat.com/support/errata/RHSA-2010-0112.html http://www.redhat.com/support/errata/RHSA-2010-0113.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://secunia.com/advisories/37242 http://secunia.com/advisories/38770 http://secunia.com/advisories/38772 http://secunia.com/advisories/38847 SuSE Security Announcement: SUSE-SA:2010:015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html http://www.ubuntu.com/usn/USN-895-1 http://www.ubuntu.com/usn/USN-896-1 http://www.vupen.com/english/advisories/2010/0405 http://www.vupen.com/english/advisories/2010/0650 XForce ISS Database: mozilla-htmlparser-code-exec(56361) https://exchange.xforce.ibmcloud.com/vulnerabilities/56361
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.