CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800, Security Vulnerabilities

CVE-2017-8147

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00,...

CVE-2017-8157

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive...

ABB TropOS

CVSS v3 6.8 Vendor: ABB Equipment: TropOS Vulnerabilities: Security Features AFFECTED PRODUCTS ABB reports that the key reinstallation attacks (KRACK) potentially affect all TropOS broadband mesh routers and bridges operating on Mesh OS release 8.5.2 or prior. IMPACT Successful exploitation of...

CVE-2017-12800

The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv...

CVE-2017-12800

The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv...

CVE-2017-12800

The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv...

Null pointer dereference

The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv...

CVE-2017-12800

The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv...

CVE-2017-12800

The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv...

Juniper Junos DoS Vulnerability (JSA10821)

According to its self-reported version number, the remote Junos device is affected by a vulnerability in the express path feature that could cause the flowd process to...

Cisco IOS Software VPLS denial of service (cisco-sa-20170927-vpls)

According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the Virtual Private LAN Service (VPLS) feature. An unauthenticated, remote attacker can exploit this, via specially crafted requests, to....

CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS)...

CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS)...

Race condition

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS)...

CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS)...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:2589-1)

This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed : CVE-2017-7807 Domain hijacking through AppCache fallback (bsc#1052829) CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829) CVE-2017-7792...

Security update for MozillaFirefox (important)

This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: CVE-2017-7807 Domain hijacking through AppCache fallback (bsc#1052829) CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829) CVE-2017-7792 Buffer...

CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS)...

Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The...

Cisco Releases Security Updates

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...

Security Advisory - Information Leakage Vulnerability on OceanStor

There is an information leakage vulnerability on OceanStor. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information. (Vulnerability ID: HWPSIRT-2017-06256) This vulnerability has been assigned a Common Vulnerabilities and...

Ubuntu: Security Advisory (USN-3416-1)

The remote host is missing an update for...

Ubuntu 14.04 LTS / 16.04 LTS : Thunderbird vulnerabilities (USN-3416-1)

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same-origin restrictions, bypass CSP restrictions, obtain sensitive information, spoof the origin...

Thunderbird vulnerabilities

Releases Ubuntu 17.04 Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker...

Description of the security update for SharePoint Foundation 2013: September 12, 2017

Description of the security update for SharePoint Foundation 2013: September 12, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

Debian DSA-3968-1 : icedove - security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of...

[SECURITY] [DSA 3968-1] icedove/thunderbird security update

Debian Security Advisory DSA-3968-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 11, 2017 https://www.debian.org/security/faq Package : icedove CVE ID : CVE-2017-7753 CVE-2017-7779...

EulerOS 2.0 SP1 : firefox (EulerOS-SA-2017-1197)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash...

EulerOS 2.0 SP2 : firefox (EulerOS-SA-2017-1198)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash...

icedove - security update

Bulletin has no...

Debian: Security Advisory (DSA-3968-1)

The remote host is missing an update for the...

Debian DLA-1087-2 : icedove/thunderbird regression update

The update for icedove/thunderbird issued as DLA-1087-1 did not build on i386. This update corrects this. For reference, the original advisory text follows. Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other...

[SECURITY] [DLA 1087-1] icedove/thunderbird security update

Package : icedove Version : 1:52.3.0-4~deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 ...

icedove - security update

Bulletin has no...

CentOS Update for thunderbird CESA-2017:2534 centos6

Check the version of...

CentOS 6 / 7 : thunderbird (CESA-2017:2534)

An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

thunderbird security update

CentOS Errata and Security Advisory CESA-2017:2534 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.3.0. Security Fix(es): Multiple flaws were found in the processing of malformed web content. A web page containing malicious content...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2017:2302-1)

Mozilla Firefox was updated to the ESR 52.3 release (bsc#1052829) Following security issues were fixed : MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts MFSA...

Security update for MozillaFirefox (important)

Mozilla Firefox was updated to the ESR 52.3 release (bsc#1052829) Following security issues were fixed: MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts MFSA...

CVE-2016-6800

The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article field is not...

Default configuration

The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article field is not...

CVE-2016-6800

The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creation of new blog articles the user input of the summary field as well as the article field is not...

Updated thunderbird packages fix security vulnerabilities

Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2017-7779, CVE-2017-7800, CVE-2017-7801, CVE-2017-7753,...

RedHat Update for thunderbird RHSA-2017:2534-01

The remote host is missing an update for...

Oracle Linux 6 / 7 : thunderbird (ELSA-2017-2534)

From Red Hat Security Advisory 2017:2534 : An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,...

Scientific Linux Security Update : thunderbird on SL6.x, SL7.x i386/x86_64 (20170824)

This update upgrades Thunderbird to version 52.3.0. Security Fix(es) : Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the...

(RHSA-2017:2534) Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.3.0. Security Fix(es): Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially,...

thunderbird security update

[52.3.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [52.3.0-1] - Update to 52.3.0 [52.2.1-1] - Update to...

RHEL 6 / 7 : thunderbird (RHSA-2017:2534)

An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

[ASA-201708-18] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201708-18 Severity: Critical Date : 2017-08-23 CVE-ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7807 CVE-2017-7809 Package :...