Lucene search
Gentoo FoundationMGASA-2017-0180HistoryJun 19, 2017 - 10:44 a.m.
Updated thunderbird packages fix security vulnerability and bugs
2017-06-1910:44:03
Gentoo Foundation
advisories.mageia.org
17
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.01 Low
EPSS
Percentile
83.7%
- Use-after-free using destroyed node when regenerating trees (CVE-2017-5472). * Use-after-free during docshell reloading (CVE-2017-7749). * Use-after-free with track elements (CVE-2017-7750). * Use-after-free with content viewer listeners (CVE-2017-7751). * Use-after-free with IME input (CVE-2017-7752). * Out-of-bounds read in WebGL with ImageInfo object (CVE-2017-7754). * Use-after-free and use-after-scope logging XHR header errors (CVE-2017-7756). * Use-after-free in IndexedDB (CVE-2017-7757). * Vulnerabilities in the Graphite 2 library (CVE-2017-7778). * Out-of-bounds read in Opus encoder (CVE-2017-7758). * Mac fonts render some unicode characters as spaces (CVE-2017-7763). * Domain spoofing with combination of Canadian Syllabics and other unicode blocks (CVE-2017-7764). * Mark of the Web bypass when saving executable files (CVE-2017-7765). * Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2, and Thunderbird 52.2 (CVE-2017-5470). * plus various bug fixes.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | thunderbird | < 52.2.0-1 | thunderbird-52.2.0-1.mga5 |
| Mageia | 5 | noarch | thunderbird-l10n | < 52.2.0-1 | thunderbird-l10n-52.2.0-1.mga5 |
Related
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 52.2.0-alt1
2017-06-22 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 52.2.0-alt1
2017-06-21 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0180)
2022-01-28 00:00:00
Mozilla Thunderbird Security Advisories (MFSA2017-17, MFSA2017-17) - Windows
2017-06-15 00:00:00
kaspersky
kaspersky
KLA11050 Multiple vulnerabilities in Mozilla Thunderbird
2017-06-14 00:00:00
KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2017-06-13 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Thunderbird 52.2 — Mozilla
2017-06-14 00:00:00
Security vulnerabilities fixed in Firefox ESR 52.2 — Mozilla
2017-06-13 00:00:00
Security vulnerabilities fixed in Firefox 54 — Mozilla
2017-06-13 00:00:00
nessus
nessus
Mozilla Thunderbird < 52.2 Multiple Vulnerabilities (macOS)
2017-07-17 00:00:00
RHEL 6 / 7 : firefox (RHSA-2017:1440)
2017-06-15 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Thunderbird vulnerabilities (USN-3321-1)
2017-07-06 00:00:00
osv
osv
icedove - security update
2017-06-30 00:00:00
firefox-esr - security update
2017-06-18 00:00:00
icedove - security update
2017-07-25 00:00:00
archlinux
archlinux
[ASA-201706-20] thunderbird: multiple issues
2017-06-16 00:00:00
[ASA-201706-19] firefox: multiple issues
2017-06-16 00:00:00
ibm
ibm
oraclelinux
oraclelinux
firefox security update
2017-06-14 00:00:00
thunderbird security update
2017-06-21 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2017-06-19 10:44:03
debian
debian
[SECURITY] [DLA 1007-1] icedove/thunderbird security update
2017-07-03 05:57:05
[SECURITY] [DSA 3881-1] firefox-esr security update
2017-06-14 20:52:21
[SECURITY] [DLA 991-1] firefox-esr security update
2017-06-18 09:53:10
ubuntu
ubuntu
Thunderbird vulnerabilities
2017-07-05 00:00:00
Firefox vulnerabilities
2017-06-15 00:00:00
redhat
redhat
(RHSA-2017:1561) Important: thunderbird security update
2017-06-21 03:10:17
(RHSA-2017:1440) Critical: firefox security update
2017-06-14 05:21:03
centos
centos
thunderbird security update
2017-06-21 15:49:22
firefox security update
2017-06-15 10:14:10
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-06-13 00:00:00
suse
suse
nvd
nvd
cvelist
cvelist
redhatcve
redhatcve
prion
prion
Default credentials
2018-06-11 21:29:00
Design/Logic Flaw
2018-06-11 21:29:00
Design/Logic Flaw
2018-06-11 21:29:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Use-After-Free
2019-05-02 06:12:45
User-After-Free
2019-05-02 06:12:44
Use-after-Free
2019-05-02 06:12:44
debiancve
debiancve
fedora
fedora
[SECURITY] Fedora 26 Update: graphite2-1.3.10-1.fc26
2017-06-25 16:22:37
[SECURITY] Fedora 25 Update: graphite2-1.3.10-1.fc25
2017-06-28 20:53:50
[SECURITY] Fedora 24 Update: graphite2-1.3.10-1.fc24
2017-07-12 01:54:12
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.01 Low
EPSS
Percentile
83.7%
Related for MGASA-2017-0180