CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
97.6%
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted message, an attacker could
potentially exploit these to read uninitialized memory, cause a denial of
service via application crash, or execute arbitrary code. (CVE-2017-5429,
CVE-2017-5430, CVE-2017-5436, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445,
CVE-2017-5446, CVE-2017-5447, CVE-2017-5461, CVE-2017-5467)
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to spoof the addressbar
contents, conduct cross-site scripting (XSS) attacks, cause a denial of
service via application crash, or execute arbitrary code. (CVE-2017-5432,
CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5437, CVE-2017-5438,
CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5449,
CVE-2017-5451, CVE-2017-5454, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464,
CVE-2017-5465, CVE-2017-5466, CVE-2017-5469, CVE-2016-10195,
CVE-2016-10196, CVE-2016-10197)
A flaw was discovered in the DRBG number generation in NSS. If an
attacker were able to perform a machine-in-the-middle attack, this flaw
could potentially be exploited to view sensitive information.
(CVE-2017-5462)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 17.04 | noarch | thunderbird | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-dbg | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-dbgsym | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-dev | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-dev-dbgsym | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-globalmenu | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-gnome-support | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-gnome-support-dbg | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-locale-af | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | thunderbird-locale-ar | < 1:52.1.1+build1-0ubuntu0.17.04.1 | UNKNOWN |
ubuntu.com/security/CVE-2016-10195
ubuntu.com/security/CVE-2016-10196
ubuntu.com/security/CVE-2016-10197
ubuntu.com/security/CVE-2017-5429
ubuntu.com/security/CVE-2017-5430
ubuntu.com/security/CVE-2017-5432
ubuntu.com/security/CVE-2017-5433
ubuntu.com/security/CVE-2017-5434
ubuntu.com/security/CVE-2017-5435
ubuntu.com/security/CVE-2017-5436
ubuntu.com/security/CVE-2017-5437
ubuntu.com/security/CVE-2017-5438
ubuntu.com/security/CVE-2017-5439
ubuntu.com/security/CVE-2017-5440
ubuntu.com/security/CVE-2017-5441
ubuntu.com/security/CVE-2017-5442
ubuntu.com/security/CVE-2017-5443
ubuntu.com/security/CVE-2017-5444
ubuntu.com/security/CVE-2017-5445
ubuntu.com/security/CVE-2017-5446
ubuntu.com/security/CVE-2017-5447
ubuntu.com/security/CVE-2017-5449
ubuntu.com/security/CVE-2017-5451
ubuntu.com/security/CVE-2017-5454
ubuntu.com/security/CVE-2017-5459
ubuntu.com/security/CVE-2017-5460
ubuntu.com/security/CVE-2017-5461
ubuntu.com/security/CVE-2017-5462
ubuntu.com/security/CVE-2017-5464
ubuntu.com/security/CVE-2017-5465
ubuntu.com/security/CVE-2017-5466
ubuntu.com/security/CVE-2017-5467
ubuntu.com/security/CVE-2017-5469
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
97.6%