Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Производитель ПО
Наименование ПО
Thunderbird
(0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.7.1, 0.7.2, 0.7.3, 0.8, 0.9, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.5 Beta, 1.0.6, 1.0.7, 1.5, 1.5 Beta 2, 1.5.0.1, 1.5.0.4)
devhelp
(Unknown)
Описание
Код реализации пользовательского интерфейса в Mozilla Firefox и Thunderbird вызывает инициализирующие функции прототипа объекта, что может позволить злоумышленникам, действующим удаленно, выполнять код с более высокими правами.
Как исправить
Для устранения уязвимости необходимо установить последнюю версию продукта, соответствующую используемой платформе. Необходимую информацию можно получить по адресу:
http://www.mozilla.org/products/
http://www.mozilla.org/products/
Ссылки
MOZILLA (Security Advisory 2006-37): http://www.mozilla.org/security/announce/2006/mfsa2006-37.html
CERT-VN (VU#575969): http://www.kb.cert.org/vuls/id/575969
CERT (TA06-153A): http://www.us-cert.gov/cas/techalerts/TA06-153A.html
BUGTRAQ (20060602 rPSA-2006-0091-1 firefox thunderbird): http://www.securityfocus.com/archive/1/archive/1/435795/100/0/threaded
BID (18228): http://www.securityfocus.com/bid/18228
FRSIRT (ADV-2006-2106): http://www.frsirt.com/english/advisories/2006/2106
SECTRACK (1016202): http://securitytracker.com/id?1016202
SECTRACK (1016214): http://securitytracker.com/id?1016214
GENTOO (GLSA-200606-12): http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml
UBUNTU (USN-296-1): http://www.ubuntulinux.org/support/documentation/usn/usn-296-1
GENTOO (GLSA-200606-21): http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml
SUSE (SUSE-SA:2006:035): http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
UBUNTU (USN-297-1): http://www.ubuntulinux.org/support/documentation/usn/usn-297-1
REDHAT (RHSA-2006:0578): http://www.redhat.com/support/errata/RHSA-2006-0578.html
DEBIAN (DSA-1118): http://www.debian.org/security/2006/dsa-1118
DEBIAN (DSA-1120): http://www.debian.org/security/2006/dsa-1120
UBUNTU (USN-296-2): http://www.ubuntulinux.org/support/documentation/usn/usn-296-2
UBUNTU (USN-297-3): http://www.ubuntulinux.org/support/documentation/usn/usn-297-3
UBUNTU (USN-323-1): http://www.ubuntulinux.org/support/documentation/usn/usn-323-1
DEBIAN (DSA-1134): http://www.debian.org/security/2006/dsa-1134
REDHAT (RHSA-2006:0610): http://www.redhat.com/support/errata/RHSA-2006-0610.html
REDHAT (RHSA-2006:0611): http://www.redhat.com/support/errata/RHSA-2006-0611.html
REDHAT (RHSA-2006:0609): http://rhn.redhat.com/errata/RHSA-2006-0609.html
MANDRIVA (MDKSA-2006:143): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:143
MANDRIVA (MDKSA-2006:145): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:145
MANDRIVA (MDKSA-2006:146): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:146
REDHAT (RHSA-2006:0594): http://www.redhat.com/support/errata/RHSA-2006-0594.html
HP (HPSBUX02153): http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded
HP (HPSBUX02156): http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded
SUNALERT (102800): http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1
FRSIRT (ADV-2007-0573): http://www.frsirt.com/english/advisories/2007/0573
XF (mozilla-contentdefined-code-execution(26848)): http://xforce.iss.net/xforce/xfdb/26848
CERT-VN (VU#575969): http://www.kb.cert.org/vuls/id/575969
CERT (TA06-153A): http://www.us-cert.gov/cas/techalerts/TA06-153A.html
BUGTRAQ (20060602 rPSA-2006-0091-1 firefox thunderbird): http://www.securityfocus.com/archive/1/archive/1/435795/100/0/threaded
BID (18228): http://www.securityfocus.com/bid/18228
FRSIRT (ADV-2006-2106): http://www.frsirt.com/english/advisories/2006/2106
SECTRACK (1016202): http://securitytracker.com/id?1016202
SECTRACK (1016214): http://securitytracker.com/id?1016214
GENTOO (GLSA-200606-12): http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml
UBUNTU (USN-296-1): http://www.ubuntulinux.org/support/documentation/usn/usn-296-1
GENTOO (GLSA-200606-21): http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml
SUSE (SUSE-SA:2006:035): http://www.novell.com/linux/security/advisories/2006_35_mozilla.html
UBUNTU (USN-297-1): http://www.ubuntulinux.org/support/documentation/usn/usn-297-1
REDHAT (RHSA-2006:0578): http://www.redhat.com/support/errata/RHSA-2006-0578.html
DEBIAN (DSA-1118): http://www.debian.org/security/2006/dsa-1118
DEBIAN (DSA-1120): http://www.debian.org/security/2006/dsa-1120
UBUNTU (USN-296-2): http://www.ubuntulinux.org/support/documentation/usn/usn-296-2
UBUNTU (USN-297-3): http://www.ubuntulinux.org/support/documentation/usn/usn-297-3
UBUNTU (USN-323-1): http://www.ubuntulinux.org/support/documentation/usn/usn-323-1
DEBIAN (DSA-1134): http://www.debian.org/security/2006/dsa-1134
REDHAT (RHSA-2006:0610): http://www.redhat.com/support/errata/RHSA-2006-0610.html
REDHAT (RHSA-2006:0611): http://www.redhat.com/support/errata/RHSA-2006-0611.html
REDHAT (RHSA-2006:0609): http://rhn.redhat.com/errata/RHSA-2006-0609.html
MANDRIVA (MDKSA-2006:143): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:143
MANDRIVA (MDKSA-2006:145): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:145
MANDRIVA (MDKSA-2006:146): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:146
REDHAT (RHSA-2006:0594): http://www.redhat.com/support/errata/RHSA-2006-0594.html
HP (HPSBUX02153): http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded
HP (HPSBUX02156): http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded
SUNALERT (102800): http://sunsolve.sun.com/search/document.do?assetkey=1-26-102800-1
FRSIRT (ADV-2007-0573): http://www.frsirt.com/english/advisories/2007/0573
XF (mozilla-contentdefined-code-execution(26848)): http://xforce.iss.net/xforce/xfdb/26848