Lucene search
Gentoo FoundationMGASA-2017-0180HistoryJun 19, 2017 - 10:44 a.m.
Updated thunderbird packages fix security vulnerability and bugs
2017-06-1910:44:03
Gentoo Foundation
advisories.mageia.org
14
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%
- Use-after-free using destroyed node when regenerating trees (CVE-2017-5472). * Use-after-free during docshell reloading (CVE-2017-7749). * Use-after-free with track elements (CVE-2017-7750). * Use-after-free with content viewer listeners (CVE-2017-7751). * Use-after-free with IME input (CVE-2017-7752). * Out-of-bounds read in WebGL with ImageInfo object (CVE-2017-7754). * Use-after-free and use-after-scope logging XHR header errors (CVE-2017-7756). * Use-after-free in IndexedDB (CVE-2017-7757). * Vulnerabilities in the Graphite 2 library (CVE-2017-7778). * Out-of-bounds read in Opus encoder (CVE-2017-7758). * Mac fonts render some unicode characters as spaces (CVE-2017-7763). * Domain spoofing with combination of Canadian Syllabics and other unicode blocks (CVE-2017-7764). * Mark of the Web bypass when saving executable files (CVE-2017-7765). * Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2, and Thunderbird 52.2 (CVE-2017-5470). * plus various bug fixes.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | thunderbird | < 52.2.0-1 | thunderbird-52.2.0-1.mga5 |
| Mageia | 5 | noarch | thunderbird-l10n | < 52.2.0-1 | thunderbird-l10n-52.2.0-1.mga5 |
Related
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 52.2.0-alt1
2017-06-22 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 52.2.0-alt1
2017-06-21 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0180)
2022-01-28 00:00:00
Mozilla Thunderbird Security Advisories (MFSA2017-17, MFSA2017-17) - Windows
2017-06-15 00:00:00
nessus
nessus
Debian DLA-1007-1 : icedove/thunderbird security update
2017-07-05 00:00:00
Virtuozzo 7 : firefox (VZLSA-2017-1440)
2017-07-13 00:00:00
CentOS 6 / 7 : thunderbird (CESA-2017:1561)
2017-06-22 00:00:00
oraclelinux
oraclelinux
firefox security update
2017-06-14 00:00:00
thunderbird security update
2017-06-21 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2017-06-19 10:44:03
Updated iceape packages fix security vulnerabilities
2018-01-02 14:48:29
kaspersky
kaspersky
KLA11050 Multiple vulnerabilities in Mozilla Thunderbird
2017-06-14 00:00:00
KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2017-06-13 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Thunderbird 52.2 — Mozilla
2017-06-14 00:00:00
Security vulnerabilities fixed in Firefox 54 — Mozilla
2017-06-13 00:00:00
Security vulnerabilities fixed in Firefox ESR 52.2 — Mozilla
2017-06-13 00:00:00
osv
osv
icedove - security update
2017-06-30 00:00:00
firefox-esr - security update
2017-06-18 00:00:00
firefox-esr - security update
2017-06-14 00:00:00
ibm
ibm
archlinux
archlinux
[ASA-201706-20] thunderbird: multiple issues
2017-06-16 00:00:00
[ASA-201706-19] firefox: multiple issues
2017-06-16 00:00:00
debian
debian
[SECURITY] [DLA 991-1] firefox-esr security update
2017-06-18 09:53:10
[SECURITY] [DSA 3918-1] icedove/thunderbird security update
2017-07-25 20:03:55
[SECURITY] [DLA 1007-1] icedove/thunderbird security update
2017-07-03 05:57:05
redhat
redhat
(RHSA-2017:1561) Important: thunderbird security update
2017-06-21 03:10:17
(RHSA-2017:1440) Critical: firefox security update
2017-06-14 05:21:03
centos
centos
thunderbird security update
2017-06-21 15:49:22
firefox security update
2017-06-15 10:14:10
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-06-13 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2017-07-05 00:00:00
Firefox vulnerabilities
2017-06-15 00:00:00
suse
suse
prion
prion
Design/Logic Flaw
2018-06-11 21:29:00
Default credentials
2018-06-11 21:29:00
Code injection
2018-06-11 21:29:00
ubuntucve
ubuntucve
redhatcve
redhatcve
cve
cve
veracode
veracode
Use-After-Free
2019-05-02 06:12:45
User-After-Free
2019-05-02 06:12:44
Use-after-Free
2019-05-02 06:12:44
debiancve
debiancve
fedora
fedora
[SECURITY] Fedora 26 Update: graphite2-1.3.10-1.fc26
2017-06-25 16:22:37
[SECURITY] Fedora 25 Update: graphite2-1.3.10-1.fc25
2017-06-28 20:53:50
[SECURITY] Fedora 24 Update: graphite2-1.3.10-1.fc24
2017-07-12 01:54:12
threatpost
threatpost
Mozilla Fixes 32 Vulnerabilities in Firefox 54
2017-06-14 15:31:08
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2018-02-20 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%
Related for MGASA-2017-0180