Family: Red Hat Local Security Checks --> Category: infos
RHSA-2005-094: thunderbird Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the thunderbird packages
Detailed Explanation for this Vulnerability Test
An updated Thunderbird package that fixes a security issue is now available
for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Thunderbird is a standalone mail and newsgroup client.
A bug was found in the way Thunderbird handled cookies when loading content
over HTTP regardless of the user's preference. It is possible that a
particular user could be tracked through the use of malicious mail messages
which load content over HTTP. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2005-0149 to this issue.
Users of Thunderbird are advised to upgrade to this updated package,
which contains Thunderbird version 1.0 and is not vulnerable to this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2005-094.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.