Vulnerabilities > CVE-2001-0734 - Unspecified vulnerability in Netbsd 1.4.1/1.5
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Nessus
| NASL family | Ubuntu Local Security Checks |
| NASL id | UBUNTU_USN-350-1.NASL |
| description | This update upgrades Thunderbird from 1.0.8 to 1.5.0.7. This step was necessary since the 1.0.x series is not supported by upstream any more. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812, CVE-2006-4253, CVE-2006-4565, CVE-2006-4566, CVE-2006-4571) A buffer overflow has been discovered in the handling of .vcard files. By tricking a user into importing a malicious vcard into his contacts, this could be exploited to execute arbitrary code with the user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 27930 |
| published | 2007-11-10 |
| reporter | Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/27930 |
| title | Ubuntu 5.10 : mozilla-thunderbird vulnerabilities (USN-350-1) |