Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable6520.PRM
HistoryJul 23, 2012 - 12:00 a.m.

Mozilla Thunderbird < 14.0 Multiple Vulnerabilities

2012-07-2300:00:00
Tenable
www.tenable.com
12
JSON

Versions of Mozilla Thunderbird prior to 14.0 are affected by the following security issues :

  • Several memory safety issues exist, some of which could potentially allow arbitrary code execution. (CVE-2012-1948, CVE-2012-1949)
  • Several memory safety issues exist related to the Gecko layout engine. (CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954)
  • An error related to JavaScript functions ‘history.forward’ and ‘history.back’ can allow incorrect URLs to be displayed. (CVE-2012-1955)
  • Cross-site scripting attacks are possible due to an error related to the ‘<embed>’ tag within an RSS ‘<description>’ element. (CVE-2012-1957)
  • A use-after-free error exists related to the method ‘nsGlobalWindow::PageHidden’. (CVE-2012-1958)
  • An error exists that can allow ‘same-compartment security wrappers’ (SCSW) to be bypassed. (CVE-2012-1959)
  • An out-of-bounds read error exists related to the color management library (QCMS). (CVE-2012-1960)
  • The ‘X-Frames-Options’ header is ignored if it is duplicated. (CVE-2012-1961)
  • A memory corruption error exists related to the method ‘JSDependentString::undepend’. (CVE-2012-1962)
  • An error related to the ‘Content Security Policy’ (CSP) implementation can allow the disclosure of OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963)
  • An error exists related to the ‘javascript:’ URL that can allow scripts to run at elevated privileges outside the sandbox. (CVE-2012-1967)
Binary data 6520.prm
VendorProductVersionCPE
mozillathunderbirdcpe:/a:mozilla:thunderbird

References

Related

suse 7
openvas 63
nessus 38
ubuntu 3
oraclelinux 2
redhat 2
centos 2
freebsd 1
veracode 17
securityvulns 1
mozilla 11
osv 3
debian 3
prion 15
ubuntucve 15
cve 15
checkpoint_advisories 1
suse
suse
seamonkey: Update to Seamonkey 2.11 (important)
2012-08-01 18:08:34
MozillaThunderbird: update to Thunderbird 14.0 (important)
2012-07-27 13:08:18
Security update for Mozilla Firefox (important)
2012-07-21 01:08:17
openvas
openvas
SuSE Update for seamonkey openSUSE-SU-2012:0935-1 (seamonkey)
2012-12-13 00:00:00
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2012:0917-1)
2012-12-13 00:00:00
openSUSE: Security Advisory for seamonkey (openSUSE-SU-2012:0935-1)
2012-12-13 00:00:00
nessus
nessus
SeaMonkey < 2.11.0 Multiple Vulnerabilities
2012-07-19 00:00:00
openSUSE Security Update : seamonkey (openSUSE-SU-2012:0935-1)
2014-06-13 00:00:00
Mozilla Thunderbird < 14.0 Multiple Vulnerabilities
2012-07-19 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-07-17 00:00:00
Firefox vulnerabilities
2012-07-17 00:00:00
ubufox update
2012-07-18 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-07-17 00:00:00
firefox security update
2012-07-17 00:00:00
redhat
redhat
(RHSA-2012:1089) Critical: thunderbird security update
2012-07-17 00:00:00
(RHSA-2012:1088) Critical: firefox security update
2012-07-17 00:00:00
centos
centos
thunderbird security update
2012-07-17 21:25:02
firefox, xulrunner security update
2012-07-17 20:41:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-07-17 00:00:00
veracode
veracode
Spoofing Vulnerability
2019-05-02 04:42:26
Cross Site Scripting (XSS)
2019-05-02 04:42:29
Cross Site Scripting (XSS)
2019-05-02 04:42:29
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-08-13 00:00:00
mozilla
mozilla
Gecko memory corruption — Mozilla
2012-07-17 00:00:00
Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) — Mozilla
2012-07-17 00:00:00
Content Security Policy 1.0 implementation errors cause data leakage — Mozilla
2012-07-17 00:00:00
osv
osv
iceape - several vulnerabilities
2012-07-17 00:00:00
icedove - several
2012-08-14 00:00:00
iceweasel - several vulnerabilities
2012-07-17 00:00:00
debian
debian
[SECURITY] [DSA 2513-1] iceape security update
2012-07-17 19:47:49
[SECURITY] [DSA 2528-1] icedove security update
2012-08-14 19:26:36
[SECURITY] [DSA 2514-1] iceweasel security update
2012-07-17 20:03:42
prion
prion
Design/Logic Flaw
2012-07-18 10:26:00
Heap overflow
2012-07-18 10:26:00
Memory corruption
2012-07-18 10:26:00
ubuntucve
ubuntucve
CVE-2012-1951
2012-07-17 00:00:00
CVE-2012-1963
2012-07-17 00:00:00
CVE-2012-1949
2012-07-17 00:00:00
cve
cve
CVE-2012-1963
2012-07-18 10:26:00
CVE-2012-1951
2012-07-18 10:26:00
CVE-2012-1953
2012-07-18 10:26:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Table Frames Memory Corruption (CVE-2012-1952)
2012-10-14 00:00:00
JSON
Related for 6520.PRM
suse7openvas63nessus38ubuntu3oraclelinux2redhat2centos2freebsd1veracode17securityvulns1mozilla11osv3debian3prion15ubuntucve15cve15checkpoint_advisories1