rhsa-2009_0002
Vulnerability from csaf_redhat
Published
2009-01-07 10:27
Modified
2024-12-22 17:53
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
Updated thunderbird packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the processing of malformed HTML mail content.
An HTML mail message containing malicious content could cause Thunderbird
to crash or, potentially, execute arbitrary code as the user running
Thunderbird. (CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5511,
CVE-2008-5512, CVE-2008-5513)
Several flaws were found in the way malformed content was processed. An
HTML mail message containing specially-crafted content could potentially
trick a Thunderbird user into surrendering sensitive information.
(CVE-2008-5503, CVE-2008-5506, CVE-2008-5507)
Note: JavaScript support is disabled by default in Thunderbird; the above
issues are not exploitable unless JavaScript is enabled.
A flaw was found in the way malformed URLs were processed by
Thunderbird. This flaw could prevent various URL sanitization mechanisms
from properly parsing a malicious URL. (CVE-2008-5508)
All Thunderbird users should upgrade to these updated packages, which
resolve these issues. All running instances of Thunderbird must be
restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated thunderbird packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code as the user running\nThunderbird. (CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5511,\nCVE-2008-5512, CVE-2008-5513)\n\nSeveral flaws were found in the way malformed content was processed. An\nHTML mail message containing specially-crafted content could potentially\ntrick a Thunderbird user into surrendering sensitive information.\n(CVE-2008-5503, CVE-2008-5506, CVE-2008-5507)\n\nNote: JavaScript support is disabled by default in Thunderbird; the above\nissues are not exploitable unless JavaScript is enabled.\n\nA flaw was found in the way malformed URLs were processed by\nThunderbird. This flaw could prevent various URL sanitization mechanisms\nfrom properly parsing a malicious URL. (CVE-2008-5508)\n\nAll Thunderbird users should upgrade to these updated packages, which\nresolve these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:0002",
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#moderate",
"url": "http://www.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "476266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476266"
},
{
"category": "external",
"summary": "476267",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476267"
},
{
"category": "external",
"summary": "476269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476269"
},
{
"category": "external",
"summary": "476272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476272"
},
{
"category": "external",
"summary": "476278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476278"
},
{
"category": "external",
"summary": "476280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476280"
},
{
"category": "external",
"summary": "476281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476281"
},
{
"category": "external",
"summary": "476285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476285"
},
{
"category": "external",
"summary": "476287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476287"
},
{
"category": "external",
"summary": "476289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0002.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2024-12-22T17:53:24+00:00",
"generator": {
"date": "2024-12-22T17:53:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2009:0002",
"initial_release_date": "2009-01-07T10:27:00+00:00",
"revision_history": [
{
"date": "2009-01-07T10:27:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-01-07T05:28:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-22T17:53:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_productivity:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-18.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.ia64",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.ia64",
"product_id": "thunderbird-0:1.5.0.12-18.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-18.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"product_id": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"product": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"product_id": "thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@2.0.0.19-1.el5_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"product_id": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@2.0.0.19-1.el5_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-18.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.i386",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.i386",
"product_id": "thunderbird-0:1.5.0.12-18.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:2.0.0.19-1.el5_2.i386",
"product": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.i386",
"product_id": "thunderbird-0:2.0.0.19-1.el5_2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@2.0.0.19-1.el5_2?arch=i386"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"product": {
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"product_id": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@2.0.0.19-1.el5_2?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.src",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.src",
"product_id": "thunderbird-0:1.5.0.12-18.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:2.0.0.19-1.el5_2.src",
"product": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.src",
"product_id": "thunderbird-0:2.0.0.19-1.el5_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@2.0.0.19-1.el5_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-18.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.ppc",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.ppc",
"product_id": "thunderbird-0:1.5.0.12-18.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-18.el4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.s390x",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390x",
"product_id": "thunderbird-0:1.5.0.12-18.el4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"product": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"product_id": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@1.5.0.12-18.el4?arch=s390"
}
}
},
{
"category": "product_version",
"name": "thunderbird-0:1.5.0.12-18.el4.s390",
"product": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390",
"product_id": "thunderbird-0:1.5.0.12-18.el4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@1.5.0.12-18.el4?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.src"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-0:2.0.0.19-1.el5_2.i386"
},
"product_reference": "thunderbird-0:2.0.0.19-1.el5_2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-0:2.0.0.19-1.el5_2.src"
},
"product_reference": "thunderbird-0:2.0.0.19-1.el5_2.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64"
},
"product_reference": "thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386"
},
"product_reference": "thunderbird-0:2.0.0.19-1.el5_2.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src"
},
"product_reference": "thunderbird-0:2.0.0.19-1.el5_2.src",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:2.0.0.19-1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64"
},
"product_reference": "thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"relates_to_product_reference": "5Server-DPAS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-5500",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476266"
}
],
"notes": [
{
"category": "description",
"text": "The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Layout engine crashes - Firefox 2 and 3",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5500"
},
{
"category": "external",
"summary": "RHBZ#476266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476266"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5500",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5500"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5500",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5500"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Layout engine crashes - Firefox 2 and 3"
},
{
"cve": "CVE-2008-5501",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476267"
}
],
"notes": [
{
"category": "description",
"text": "The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Layout engine crash - Firefox 3 only",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5501"
},
{
"category": "external",
"summary": "RHBZ#476267",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476267"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5501",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5501"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5501",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5501"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Layout engine crash - Firefox 3 only"
},
{
"cve": "CVE-2008-5502",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476269"
}
],
"notes": [
{
"category": "description",
"text": "The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JavaScript engine crash - Firefox 3 only",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5502"
},
{
"category": "external",
"summary": "RHBZ#476269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476269"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5502",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5502"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JavaScript engine crash - Firefox 3 only"
},
{
"cve": "CVE-2008-5503",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476272"
}
],
"notes": [
{
"category": "description",
"text": "The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox 2 Information stealing via loadBindingDocument",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5503"
},
{
"category": "external",
"summary": "RHBZ#476272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5503",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5503"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Firefox 2 Information stealing via loadBindingDocument"
},
{
"cve": "CVE-2008-5506",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476278"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka \"response disclosure.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox XMLHttpRequest 302 response disclosure",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5506"
},
{
"category": "external",
"summary": "RHBZ#476278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5506",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5506"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Firefox XMLHttpRequest 302 response disclosure"
},
{
"cve": "CVE-2008-5507",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476280"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox Cross-domain data theft via script redirect error message",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5507"
},
{
"category": "external",
"summary": "RHBZ#476280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5507",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5507"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5507",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5507"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Firefox Cross-domain data theft via script redirect error message"
},
{
"cve": "CVE-2008-5508",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476281"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox errors parsing URLs with control characters",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5508"
},
{
"category": "external",
"summary": "RHBZ#476281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476281"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5508",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5508"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Firefox errors parsing URLs with control characters"
},
{
"cve": "CVE-2008-5511",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476285"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an \"unloaded document.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox XSS via XBL bindings to unloaded document",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5511"
},
{
"category": "external",
"summary": "RHBZ#476285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476285"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5511",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5511"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Firefox XSS via XBL bindings to unloaded document"
},
{
"cve": "CVE-2008-5512",
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476287"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which \"page content can pollute XPCNativeWrappers.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox JavaScript privilege escalation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5512"
},
{
"category": "external",
"summary": "RHBZ#476287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476287"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5512",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5512"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Firefox JavaScript privilege escalation"
},
{
"cve": "CVE-2008-5513",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2008-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "476289"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Firefox XSS vulnerabilities in SessionStore",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-5513"
},
{
"category": "external",
"summary": "RHBZ#476289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=476289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-5513",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-5513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5513"
}
],
"release_date": "2008-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-01-07T10:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:thunderbird-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-0:1.5.0.12-18.el4.src",
"4AS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4AS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.src",
"4Desktop:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4Desktop:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-0:1.5.0.12-18.el4.src",
"4ES:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4ES:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-0:1.5.0.12-18.el4.src",
"4WS:thunderbird-0:1.5.0.12-18.el4.x86_64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.i386",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ia64",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.ppc",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.s390x",
"4WS:thunderbird-debuginfo-0:1.5.0.12-18.el4.x86_64",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Client:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Client:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.src",
"5Server-DPAS:thunderbird-0:2.0.0.19-1.el5_2.x86_64",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.i386",
"5Server-DPAS:thunderbird-debuginfo-0:2.0.0.19-1.el5_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:0002"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Firefox XSS vulnerabilities in SessionStore"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.