Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69731
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2235-1 (icedove)
Summary:The remote host is missing an update to icedove;announced via advisory DSA 2235-1.
Description:Summary:
The remote host is missing an update to icedove
announced via advisory DSA 2235-1.

Vulnerability Insight:
Several vulnerabilities have been discovered in Icedove, an unbranded
version of the Thunderbird mail/news client.

CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081

Scoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,
Mats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella
discovered memory corruption bugs, which may lead to the execution
of arbitrary code.

CVE-2011-0065 CVE-2011-0066 CVE-2011-0073

regenrecht discovered several dangling pointer vulnerabilities,
which may lead to the execution of arbitrary code.

CVE-2011-0067

Paul Stone discovered that Java applets could steal information
from the autocompletion history.

CVE-2011-0071

Soroush Dalili discovered a directory traversal vulnerability in
handling resource URIs.

As indicated in the Lenny (oldstable) release notes, security support for
the Icedove packages in the oldstable needed to be stopped before the end
of the regular Lenny security maintenance life cycle.
You are strongly encouraged to upgrade to stable or switch to a different
mail client.

For the stable distribution (squeeze), this problem has been fixed in
version 3.0.11-1+squeeze2.

For the unstable distribution (sid), this problem will be fixed soon.

Solution:
We recommend that you upgrade your icedove packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-0065
Debian Security Information: DSA-2227 (Google Search)
http://www.debian.org/security/2011/dsa-2227
Debian Security Information: DSA-2228 (Google Search)
http://www.debian.org/security/2011/dsa-2228
Debian Security Information: DSA-2235 (Google Search)
http://www.debian.org/security/2011/dsa-2235
http://www.mandriva.com/security/advisories?name=MDVSA-2011:079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14142
http://securityreason.com/securityalert/8326
http://securityreason.com/securityalert/8331
http://securityreason.com/securityalert/8340
Common Vulnerability Exposure (CVE) ID: CVE-2011-0066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13970
Common Vulnerability Exposure (CVE) ID: CVE-2011-0067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14523
Common Vulnerability Exposure (CVE) ID: CVE-2011-0069
BugTraq ID: 47656
http://www.securityfocus.com/bid/47656
http://www.mandriva.com/security/advisories?name=MDVSA-2011:080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14065
Common Vulnerability Exposure (CVE) ID: CVE-2011-0070
BugTraq ID: 47654
http://www.securityfocus.com/bid/47654
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14286
Common Vulnerability Exposure (CVE) ID: CVE-2011-0071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14058
Common Vulnerability Exposure (CVE) ID: CVE-2011-0072
BugTraq ID: 47655
http://www.securityfocus.com/bid/47655
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14038
Common Vulnerability Exposure (CVE) ID: CVE-2011-0073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14020
http://securityreason.com/securityalert/8310
Common Vulnerability Exposure (CVE) ID: CVE-2011-0074
BugTraq ID: 47646
http://www.securityfocus.com/bid/47646
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14317
Common Vulnerability Exposure (CVE) ID: CVE-2011-0075
BugTraq ID: 47647
http://www.securityfocus.com/bid/47647
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14086
Common Vulnerability Exposure (CVE) ID: CVE-2011-0077
BugTraq ID: 47648
http://www.securityfocus.com/bid/47648
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14193
Common Vulnerability Exposure (CVE) ID: CVE-2011-0078
BugTraq ID: 47651
http://www.securityfocus.com/bid/47651
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14246
Common Vulnerability Exposure (CVE) ID: CVE-2011-0080
BugTraq ID: 47641
http://www.securityfocus.com/bid/47641
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13866
Common Vulnerability Exposure (CVE) ID: CVE-2011-0081
BugTraq ID: 47653
http://www.securityfocus.com/bid/47653
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13993
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.