Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2011:1165
HistoryAug 16, 2011 - 11:23 p.m.

thunderbird security update

2011-08-1623:23:07
CentOS Project
lists.centos.org
51

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.102 Low

EPSS

Percentile

95.0%

JSON

CentOS Errata and Security Advisory CESA-2011:1165

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the processing of malformed HTML content.
Malicious HTML content could cause Thunderbird to crash or, potentially,
execute arbitrary code with the privileges of the user running
Thunderbird. (CVE-2011-2982)

A flaw was found in the way Thunderbird handled malformed JavaScript.
Malicious content could cause Thunderbird to access already freed memory,
causing Thunderbird to crash or, potentially, execute arbitrary code with
the privileges of the user running Thunderbird. (CVE-2011-2983)

Note: This update disables support for Scalable Vector Graphics (SVG)
images in Thunderbird on Red Hat Enterprise Linux 5.

All Thunderbird users should upgrade to this updated package, which
resolves these issues. All running instances of Thunderbird must be
restarted for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-August/079858.html
https://lists.centos.org/pipermail/centos-announce/2011-August/079859.html
https://lists.centos.org/pipermail/centos-announce/2011-September/080168.html
https://lists.centos.org/pipermail/centos-announce/2011-September/080169.html
https://lists.centos.org/pipermail/centos-cr-announce/2011-September/026490.html
https://lists.centos.org/pipermail/centos-cr-announce/2011-September/026491.html

Affected packages:
thunderbird

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1165

Related

redhat 4
nessus 36
openvas 53
oraclelinux 4
centos 2
veracode 2
nvd 2
cve 2
ubuntucve 2
prion 2
cvelist 2
ubuntu 2
osv 3
debian 4
mozilla 2
suse 4
freebsd 1
seebug 1
securityvulns 1
gentoo 1
redhat
redhat
(RHSA-2011:1167) Critical: seamonkey security update
2011-08-16 00:00:00
(RHSA-2011:1165) Critical: thunderbird security update
2011-08-16 00:00:00
(RHSA-2011:1164) Critical: firefox security update
2011-08-16 00:00:00
nessus
nessus
RHEL 4 : seamonkey (RHSA-2011:1167)
2011-08-17 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
CentOS 4 : seamonkey (CESA-2011:1167)
2011-08-17 00:00:00
openvas
openvas
CentOS Update for thunderbird CESA-2011:1165 centos4 x86_64
2012-07-30 00:00:00
CentOS Update for thunderbird CESA-2011:1165 centos5 x86_64
2012-07-30 00:00:00
RedHat Update for thunderbird RHSA-2011:1165-01
2011-08-19 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2011-08-16 00:00:00
thunderbird security update
2011-08-16 00:00:00
firefox security update
2011-08-16 00:00:00
centos
centos
seamonkey security update
2011-08-16 22:32:01
firefox, xulrunner security update
2011-08-16 23:27:06
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:01:40
Arbitrary Code Execution
2020-04-10 01:01:41
nvd
nvd
CVE-2011-2982
2011-08-18 18:55:01
CVE-2011-2983
2011-08-18 18:55:01
cve
cve
CVE-2011-2982
2011-08-18 18:55:01
CVE-2011-2983
2011-08-18 18:55:01
ubuntucve
ubuntucve
CVE-2011-2983
2011-08-19 00:00:00
CVE-2011-2982
2011-08-19 00:00:00
prion
prion
Memory corruption
2011-08-18 18:55:00
Design/Logic Flaw
2011-08-18 18:55:00
cvelist
cvelist
CVE-2011-2982
2011-08-18 18:00:00
CVE-2011-2983
2011-08-18 18:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2011-08-26 00:00:00
Firefox and Xulrunner vulnerabilities
2011-08-19 00:00:00
osv
osv
iceweasel - several
2011-08-17 00:00:00
iceape - several
2011-08-17 00:00:00
icedove - several
2011-08-21 00:00:00
debian
debian
[BSA-046] Security Update for icedove
2011-08-26 20:23:59
[SECURITY] [DSA 2295-1] iceape security update
2011-08-17 17:37:19
[SECURITY] [DSA 2297-1] icedove security update
2011-08-21 18:57:44
mozilla
mozilla
Security issues addressed in Thunderbird 3.1.12 โ€” Mozilla
2011-08-16 00:00:00
Security issues addressed in Firefox 3.6.20 โ€” Mozilla
2011-08-16 00:00:00
suse
suse
MozillaFirefox: Update to Firefox 3.6.20 (important)
2011-08-26 20:08:19
Security update for Mozilla Firefox (important)
2011-08-29 21:08:22
MozillaThunderbird: Update to 3.1.12 (important)
2011-08-29 20:08:38
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-08-16 00:00:00
seebug
seebug
Mozilla Firefox/Thunderbird/SeaMonkeyๅคšไธชๅฎ‰ๅ…จๆผๆดž
2011-08-18 00:00:00
securityvulns
securityvulns
Mozilla Fireox / Seamonkey / Thunderbird multiple security vulnerabilities
2011-08-19 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.102 Low

EPSS

Percentile

95.0%

JSON
Related for CESA-2011:1165
redhat4nessus36openvas53oraclelinux4centos2veracode2nvd2cve2ubuntucve2prion2cvelist2ubuntu2osv3debian4mozilla2suse4freebsd1seebug1securityvulns1gentoo1