Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2024-3112-1.NASLHistorySep 04, 2024 - 12:00 a.m.
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:3112-1)
2024-09-0400:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
3
suse linux
mozillathunderbird
security update
vulnerabilities
gnupg
flatpak
mfsa
cve-2024
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3112-1 advisory.
- Mozilla Thunderbird 115.14
* fixed: When using an external installation of GnuPG, Thunderbird occassionally sent/received corrupted messages
* fixed: Users of external GnuPG were unable to decrypt incorrectly encoded messages (bmo#1906903)
* fixed: Flatpak install of 128.0esr was incorrectly downgraded to 115.13.0esr (bmo#1908299)
* fixed: Security fixes MFSA 2024-38 (bsc#1228648)
* CVE-2024-7519: Out of bounds memory access in graphics shared memory handling
* CVE-2024-7521: Incomplete WebAssembly exception handing
* CVE-2024-7522: Out of bounds read in editor component
* CVE-2024-7525: Missing permission check when creating a StreamFilter
* CVE-2024-7526: Uninitialized memory used by WebGL
* CVE-2024-7527: Use-after-free in JavaScript garbage collection
* CVE-2024-7529: Document content could partially obscure security prompts
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2024:3112-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(206583);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");
script_cve_id(
"CVE-2024-7519",
"CVE-2024-7521",
"CVE-2024-7522",
"CVE-2024-7525",
"CVE-2024-7526",
"CVE-2024-7527",
"CVE-2024-7529"
);
script_xref(name:"SuSE", value:"SUSE-SU-2024:3112-1");
script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:3112-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3112-1 advisory.
- Mozilla Thunderbird 115.14
* fixed: When using an external installation of GnuPG,
Thunderbird occassionally sent/received corrupted messages
* fixed: Users of external GnuPG were unable to decrypt
incorrectly encoded messages (bmo#1906903)
* fixed: Flatpak install of 128.0esr was incorrectly downgraded
to 115.13.0esr (bmo#1908299)
* fixed: Security fixes
MFSA 2024-38 (bsc#1228648)
* CVE-2024-7519: Out of bounds memory access in graphics shared memory handling
* CVE-2024-7521: Incomplete WebAssembly exception handing
* CVE-2024-7522: Out of bounds read in editor component
* CVE-2024-7525: Missing permission check when creating a StreamFilter
* CVE-2024-7526: Uninitialized memory used by WebGL
* CVE-2024-7527: Use-after-free in JavaScript garbage collection
* CVE-2024-7529: Document content could partially obscure security prompts
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1228648");
# https://lists.suse.com/pipermail/sle-updates/2024-September/036761.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?66801412");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7519");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7521");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7522");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7525");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7526");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7527");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7529");
script_set_attribute(attribute:"solution", value:
"Update the affected MozillaThunderbird, MozillaThunderbird-translations-common and / or MozillaThunderbird-translations-
other packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-7527");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2024-7519");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/08/06");
script_set_attribute(attribute:"patch_publication_date", value:"2024/09/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaThunderbird");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-other");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.5|SUSE15\.6)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(5|6)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP5/6", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(5|6)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP5/6", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(5|6)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP5/6", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(5|6)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP5/6", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.6']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.6']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'release':'SUSE15.6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'release':'SUSE15.6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'release':'SUSE15.6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.6']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.6']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.6']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.6', 'sled-release-15.6', 'sles-release-15.6']},
{'reference':'MozillaThunderbird-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.6', 'sled-release-15.6', 'sles-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.6', 'sled-release-15.6', 'sles-release-15.6']},
{'reference':'MozillaThunderbird-translations-common-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.6', 'sled-release-15.6', 'sles-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.6', 'sled-release-15.6', 'sles-release-15.6']},
{'reference':'MozillaThunderbird-translations-other-115.14.0-150200.8.174.1', 'sp':'6', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sle-we-release-15.6', 'sled-release-15.6', 'sles-release-15.6']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaThunderbird / MozillaThunderbird-translations-common / etc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529
www.nessus.org/u?66801412
bugzilla.suse.com/1228648
www.suse.com/security/cve/CVE-2024-7519
www.suse.com/security/cve/CVE-2024-7521
www.suse.com/security/cve/CVE-2024-7522
www.suse.com/security/cve/CVE-2024-7525
www.suse.com/security/cve/CVE-2024-7526
www.suse.com/security/cve/CVE-2024-7527
www.suse.com/security/cve/CVE-2024-7529
Related
nessus
nessus
Fedora 39 : thunderbird (2024-7fe5206574)
2024-08-15 00:00:00
Mozilla Thunderbird < 115.14
2024-08-06 00:00:00
Debian dsa-5744 : thunderbird - security update
2024-08-08 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5744-1)
2024-08-09 00:00:00
openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2024:3112-1)
2024-09-06 00:00:00
Debian: Security Advisory (DSA-5740-1)
2024-08-07 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.14 — Mozilla
2024-08-06 00:00:00
Security Vulnerabilities fixed in Firefox ESR 115.14 — Mozilla
2024-08-06 00:00:00
Security Vulnerabilities fixed in Thunderbird 128.1 — Mozilla
2024-08-06 00:00:00
osv
osv
thunderbird - security update
2024-08-08 00:00:00
firefox-esr - security update
2024-08-07 00:00:00
Important: thunderbird security update
2024-08-14 00:00:00
amazon
amazon
Important: thunderbird
2024-08-28 19:04:00
kaspersky
kaspersky
KLA71400 Multiple vulnerabilities in Mozilla Thunderbird
2024-08-06 00:00:00
KLA71398 Multiple vulnerabilities in Mozilla Firefox ESR
2024-08-06 00:00:00
KLA71401 Multiple vulnerabilities in Mozilla Thunderbird
2024-08-06 00:00:00
redos
redos
ROS-20240828-03
2024-08-28 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-08-07 04:09:07
redhat
redhat
(RHSA-2024:5527) Important: thunderbird security update
2024-08-19 00:59:41
(RHSA-2024:5395) Important: thunderbird security update
2024-08-14 11:38:16
(RHSA-2024:5528) Important: thunderbird security update
2024-08-19 00:59:43
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-09-09 00:00:00
Firefox regressions
2024-08-21 00:00:00
Firefox vulnerabilities
2024-08-19 00:00:00
almalinux
almalinux
Important: thunderbird security update
2024-08-14 00:00:00
Important: thunderbird security update
2024-08-14 00:00:00
Important: firefox security update
2024-08-15 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2024-08-14 00:00:00
thunderbird security update
2024-08-14 00:00:00
firefox security update
2024-08-14 00:00:00
freebsd
freebsd
firefox -- multiple vulnerabilities
2024-08-06 00:00:00
redhatcve
redhatcve
wolfi
wolfi
CVE-2024-7527 vulnerabilities
2024-09-19 09:11:50
CVE-2024-7522 vulnerabilities
2024-09-19 09:11:50
CVE-2024-7521 vulnerabilities
2024-09-19 09:11:50
cvelist
cvelist
ubuntucve
ubuntucve
debiancve
debiancve
alpinelinux
alpinelinux
cve
cve
nvd
nvd
vulnrichment
vulnrichment
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
Related for SUSE_SU-2024-3112-1.NASL