Lucene search

K
debianDebianDEBIAN:DSA-4451-1:B16F1
HistoryMay 24, 2019 - 9:01 p.m.

[SECURITY] [DSA 4451-1] thunderbird security update

2019-05-2421:01:55
lists.debian.org
255
thunderbird
security update
cve-2018-18511
cve-2019-5798
cve-2019-7317
cve-2019-9797
cve-2019-9800
cve-2019-9816
cve-2019-9817
cve-2019-9819
cve-2019-9820
cve-2019-11691
cve-2019-11692
cve-2019-11693
cve-2019-11698
debian
arbitrary code
denial of service

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

8.6

Confidence

Low

EPSS

0.536

Percentile

97.7%


Debian Security Advisory DSA-4451-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
May 24, 2019 https://www.debian.org/security/faq


Package : thunderbird
CVE ID : CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797
CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819
CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693
CVE-2019-11698

Multiple security issues have been found in Thunderbird: Multiple
vulnerabilities may lead to the execution of arbitrary code or denial of
service.

For the stable distribution (stretch), these problems have been fixed in
version 1:60.7.0-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

8.6

Confidence

Low

EPSS

0.536

Percentile

97.7%