Vulnerability Name:

CVE-2008-4070 (CCN-45426)

Assigned:2008-09-25
Published:2008-09-25
Updated:2017-09-29
Summary:Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-4070

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:050

Source: CCN
Type: RHSA-2008-0908
Moderate: thunderbird security update

Source: CCN
Type: SA32010
Mozilla SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32010

Source: SECUNIA
Type: UNKNOWN
32025

Source: SECUNIA
Type: UNKNOWN
32044

Source: SECUNIA
Type: UNKNOWN
32082

Source: SECUNIA
Type: UNKNOWN
32092

Source: SECUNIA
Type: UNKNOWN
32196

Source: SECUNIA
Type: UNKNOWN
33433

Source: SECUNIA
Type: UNKNOWN
33434

Source: CCN
Type: SA34501
Sun Solaris Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
34501

Source: CCN
Type: SECTRACK ID: 1020948
Mozilla Thunderbird Heap Overflow in Processing Canceled Newsgroup Messages Lets Remote Users Execute Arbitrary Code

Source: SLACKWARE
Type: UNKNOWN
SSA:2008-269-02

Source: SLACKWARE
Type: UNKNOWN
SSA:2008-270-01

Source: SUNALERT
Type: UNKNOWN
256408

Source: CCN
Type: Sun Alert ID: 256408
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data

Source: CCN
Type: ASA-2008-389
thunderbird security update (RHSA-2008-0908)

Source: CCN
Type: ASA-2009-158
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to unauthorized Data (Sun 256408)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009505, Rev 1
Nortel Response to Sun Alert 256408 - Solaris 10 - Vulnerabilities in Firefox May Allow Execution of Arbitrary Code

Source: DEBIAN
Type: UNKNOWN
DSA-1696

Source: DEBIAN
Type: UNKNOWN
DSA-1697

Source: DEBIAN
Type: DSA-1696
icedove -- several vulnerabilities

Source: DEBIAN
Type: DSA-1697
iceape -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:206

Source: CCN
Type: MFSA 2008-46
Heap overflow when canceling newsgroup message

Source: CONFIRM
Type: Patch
http://www.mozilla.org/security/announce/2008/mfsa2008-46.html

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0908

Source: BID
Type: Patch
31411

Source: CCN
Type: BID-31411
Mozilla SeaMonkey/Thunderbird Newsgroup Cancel Message Handling Buffer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020948

Source: CCN
Type: USN-647-1
Thunderbird vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-647-1

Source: VUPEN
Type: UNKNOWN
ADV-2009-0977

Source: CONFIRM
Type: Exploit
https://bugzilla.mozilla.org/show_bug.cgi?id=425152

Source: XF
Type: UNKNOWN
mozilla-newsgroupmessage-bo(45426)

Source: XF
Type: UNKNOWN
mozilla-newsgroupmessage-bo(45426)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10933

Source: SUSE
Type: SUSE-SA:2008:050
Mozilla security problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version <= 1.1.11)
  • OR cpe:/a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5:-:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:* (Version <= 2.0.0.16)

    • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20084070
    V
    		CVE-2008-4070
    2022-06-30
    oval:org.opensuse.security:def:42260
    P
    		Security update for yaml-cpp (Moderate)
    2022-04-01
    oval:org.opensuse.security:def:111905
    P
    		MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:31755
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:32252
    P
    		Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:31321
    P
    		Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:31320
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26179
    P
    		Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:31300
    P
    		Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:31698
    P
    		Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:33034
    P
    		Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:31293
    P
    		Security update for postgresql10 (Important)
    2021-10-20
    oval:org.opensuse.security:def:32203
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:105478
    P
    		MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:31687
    P
    		Security update for sqlite3 (Important)
    2021-09-23
    oval:org.opensuse.security:def:26135
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:26121
    P
    		Security update for ntfs-3g_ntfsprogs (Important)
    2021-09-07
    oval:org.opensuse.security:def:32995
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:26115
    P
    		Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:32147
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:32140
    P
    		Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:26082
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:31212
    P
    		Security update for ovmf (Important)
    2021-06-22
    oval:org.opensuse.security:def:36071
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36362
    P
    		MozillaFirefox-devel-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42478
    P
    		MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31630
    P
    		Security update for polkit (Important)
    2021-06-03
    oval:org.opensuse.security:def:31623
    P
    		Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:26046
    P
    		Security update for libxml2 (Moderate)
    2021-05-05
    oval:org.opensuse.security:def:42065
    P
    		Security update for permissions (Important)
    2021-05-04
    oval:org.opensuse.security:def:31168
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:32074
    P
    		Security update for MozillaFirefox (Important)
    2021-04-27
    oval:org.opensuse.security:def:26033
    P
    		Security update for ImageMagick (Moderate)
    2021-04-20
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31737
    P
    		Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:31350
    P
    		Security update for python-cryptography (Important)
    2021-03-02
    oval:org.opensuse.security:def:31736
    P
    		Security update for MozillaFirefox (Important)
    2021-03-01
    oval:org.opensuse.security:def:26197
    P
    		Security update for postgresql13 (Moderate)
    2021-02-22
    oval:org.opensuse.security:def:26196
    P
    		Security update for ImageMagick (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:31344
    P
    		Security update for java-1_7_1-ibm (Important)
    2021-02-18
    oval:org.opensuse.security:def:31332
    P
    		Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:31692
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:31649
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:31201
    P
    		Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:32096
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:25985
    P
    		Security update for gimp (Moderate)
    2020-12-29
    oval:org.opensuse.security:def:25980
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:31083
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:42021
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35515
    P
    		MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35614
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31082
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:35658
    P
    		MozillaFirefox-10.0-0.3.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:41922
    P
    		MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35853
    P
    		MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31493
    P
    		Security update for python
    2020-12-01
    oval:org.opensuse.security:def:31792
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31902
    P
    		Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:32817
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25209
    P
    		Security update for mutt (Important)
    2020-12-01
    oval:org.opensuse.security:def:25241
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25507
    P
    		Security update for git (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25795
    P
    		Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:25897
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:26658
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25923
    P
    		Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26629
    P
    		perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32441
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31580
    P
    		Security update for syslog-ng (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32035
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32357
    P
    		Security update for squid3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25210
    P
    		Security update for unzip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25369
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25591
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25888
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:30983
    P
    		Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25987
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26253
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26541
    P
    		evince on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26643
    P
    		systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32480
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25221
    P
    		Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25494
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25742
    P
    		Security update for ceph (Important)
    2020-12-01
    oval:org.opensuse.security:def:25927
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26817
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30984
    P
    		Security update for icu (Important)
    2020-12-01
    oval:org.opensuse.security:def:26337
    P
    		Security update for freexl (Low)
    2020-12-01
    oval:org.opensuse.security:def:31803
    P
    		Security update for amanda (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31537
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31406
    P
    		Security update for perl-PlRPC (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31986
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25403
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25285
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:25551
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:25839
    P
    		Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25941
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26852
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30995
    P
    		Security update for jasper (Important)
    2020-12-01
    oval:org.opensuse.security:def:26488
    P
    		Security update for cacti, cacti-spine (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32540
    P
    		krb5-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31538
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31774
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26480
    P
    		Security update for okular (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25404
    P
    		Security update for spice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25413
    P
    		Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25635
    P
    		Security update for tigervnc (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31069
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31759
    P
    		Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:32579
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25066
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31549
    P
    		Security update for screen (Low)
    2020-12-01
    oval:org.opensuse.security:def:31847
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31930
    P
    		Security update for glib2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32291
    P
    		Security update for postgresql94 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26515
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25415
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25688
    P
    		Security update for systemd (Important)
    2020-12-01
    oval:org.opensuse.security:def:25786
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27034
    P
    		stunnel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31437
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31797
    P
    		Recommended update for NetworkManager-kde4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31946
    P
    		Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25067
    P
    		Security update for libjpeg-turbo (Important)
    2020-12-01
    oval:org.opensuse.security:def:31904
    P
    		Security update for foomatic-filters (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32313
    P
    		Security update for quagga (Important)
    2020-12-01
    oval:org.opensuse.security:def:25620
    P
    		Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25479
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25745
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:27069
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31094
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31392
    P
    		Security update for pam-modules (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31593
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31836
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:32584
    P
    		ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25078
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:25351
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31991
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25784
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26579
    P
    		libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25621
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25607
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25829
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26299
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26396
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:31126
    P
    		Security update for kvm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31449
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:32623
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25165
    P
    		Security update for squid (Important)
    2020-12-01
    oval:org.opensuse.security:def:25142
    P
    		Security update for wget (Important)
    2020-12-01
    oval:org.opensuse.security:def:25408
    P
    		Security update for sane-backends (Important)
    2020-12-01
    oval:org.opensuse.security:def:25798
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26614
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25632
    P
    		Security update for aspell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25905
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:26338
    P
    		Security update for Chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27325
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31127
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31536
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31841
    P
    		Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25166
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25270
    P
    		Security update for libxslt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25492
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25844
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25842
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25911
    P
    		Security update for gstreamer-plugins-base (Low)
    2020-12-01
    oval:org.opensuse.security:def:25696
    P
    		Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:25962
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:26250
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26352
    P
    		Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27360
    P
    		MozillaFirefox-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31138
    P
    		Security update for lcms
    2020-12-01
    oval:org.opensuse.security:def:31436
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31880
    P
    		Security update for dhcpcd (Important)
    2020-12-01
    oval:org.opensuse.security:def:32778
    P
    		pyxml on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25177
    P
    		Security update for mariadb-connector-c (Important)
    2020-12-01
    oval:org.opensuse.security:def:25450
    P
    		Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25643
    P
    		Security update for hunspell (Low)
    2020-12-01
    oval:org.opensuse.security:def:25883
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26623
    P
    		pam on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25912
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25824
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26590
    P
    		libmusicbrainz4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26687
    P
    		e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:28693
    P
    		RHSA-2008:0908 -- thunderbird security update (Moderate)
    2015-08-17
    oval:org.mitre.oval:def:17610
    P
    		USN-647-1 -- mozilla-thunderbird, thunderbird vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13245
    P
    		DSA-1697-1 iceape -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8021
    P
    		DSA-1696 icedove -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:12973
    P
    		DSA-1696-1 icedove -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7950
    P
    		DSA-1697 iceape -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22664
    P
    		ELSA-2008:0908: thunderbird security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:10933
    V
    		Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."
    2013-04-29
    oval:org.debian:def:1696
    V
    		several vulnerabilities
    2009-01-07
    oval:org.debian:def:1697
    V
    		several vulnerabilities
    2009-01-07
    oval:com.redhat.rhsa:def:20080908
    P
    		RHSA-2008:0908: thunderbird security update (Moderate)
    2008-10-01
    BACK
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0 beta
    mozilla seamonkey 1.0.1
    mozilla seamonkey 1.0.2
    mozilla seamonkey 1.0.3
    mozilla seamonkey 1.0.4
    mozilla seamonkey 1.0.5
    mozilla seamonkey 1.0.6
    mozilla seamonkey 1.0.7
    mozilla seamonkey 1.0.8
    mozilla seamonkey 1.0.9
    mozilla seamonkey 1.0.99
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1.1
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.10
    mozilla seamonkey *
    mozilla thunderbird 0.1
    mozilla thunderbird 0.2
    mozilla thunderbird 0.3
    mozilla thunderbird 0.4
    mozilla thunderbird 0.5
    mozilla thunderbird 0.6
    mozilla thunderbird 0.7
    mozilla thunderbird 0.7.1
    mozilla thunderbird 0.7.2
    mozilla thunderbird 0.7.3
    mozilla thunderbird 0.8
    mozilla thunderbird 0.9
    mozilla thunderbird 1.0
    mozilla thunderbird 1.0.1
    mozilla thunderbird 1.0.2
    mozilla thunderbird 1.0.3
    mozilla thunderbird 1.0.4
    mozilla thunderbird 1.0.5
    mozilla thunderbird 1.0.5 beta
    mozilla thunderbird 1.0.6
    mozilla thunderbird 1.0.7
    mozilla thunderbird 1.0.8
    mozilla thunderbird 1.5
    mozilla thunderbird 1.5 beta2
    mozilla thunderbird 1.5.0.1
    mozilla thunderbird 1.5.0.2
    mozilla thunderbird 1.5.0.3
    mozilla thunderbird 1.5.0.4
    mozilla thunderbird 1.5.0.6
    mozilla thunderbird 1.5.0.7
    mozilla thunderbird 1.5.0.8
    mozilla thunderbird 1.5.0.9
    mozilla thunderbird 1.5.0.10
    mozilla thunderbird 1.5.0.11
    mozilla thunderbird 1.5.1
    mozilla thunderbird 1.5.2
    mozilla thunderbird 1.7.1
    mozilla thunderbird 1.7.3
    mozilla thunderbird 2.0.0.0
    mozilla thunderbird 2.0.0.1
    mozilla thunderbird 2.0.0.2
    mozilla thunderbird 2.0.0.3
    mozilla thunderbird 2.0.0.4
    mozilla thunderbird 2.0.0.5
    mozilla thunderbird 2.0.0.6
    mozilla thunderbird 2.0.0.7
    mozilla thunderbird 2.0.0.9
    mozilla thunderbird 2.0.0.11
    mozilla thunderbird 2.0.0.12
    mozilla thunderbird 2.0.0.13
    mozilla thunderbird 2.0.0.14
    mozilla thunderbird 2.0.0.15
    mozilla thunderbird *
    mozilla thunderbird 2.0.0.5
    mozilla seamonkey 1.1.3
    mozilla thunderbird 2.0.0.4
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.1
    mozilla thunderbird 2.0.0.6
    mozilla seamonkey 1.1.4
    mozilla seamonkey 1.1.5
    mozilla seamonkey 1.1.6
    mozilla thunderbird 2.0.0.9
    mozilla thunderbird 2.0.0.12
    mozilla thunderbird 2.0.0.13
    mozilla thunderbird 2.0.0.8
    mozilla seamonkey 1.1.7
    mozilla seamonkey 1.1.8
    mozilla seamonkey 1.1.9
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1.10
    mozilla seamonkey 1.1.11
    mozilla thunderbird 2.0.0.14
    mozilla thunderbird 2.0.0.16
    mozilla thunderbird 2.0.0.15
    suse suse linux 9.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 3.0
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    canonical ubuntu 7.04
    redhat enterprise linux 5
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    novell open enterprise server *
    novell opensuse 10.2
    novell opensuse 10.3
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2