MiracleLinux 4 : thunderbird-68.3.0-3.AXS4 (AXSA:2019-4404:04)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4404:04 advisory. Mozilla: Use-after-free in worker destruction CVE-2019-17008 Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 CVE-2019-17012...

Oracle Linux 6 : thunderbird (ELSA-2019-4205)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4205 advisory. 68.3.0-3.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.3.0-3 - Update to 68.3.0 build2 Tenable has...

Oracle Linux 6 : firefox (ELSA-2019-4108)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4108 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Mageia: Security Advisory (MGASA-2019-0376)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0377)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2019:14260-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14260-1 advisory. - When encrypting with a block cipher, if a call to NSCEncryptUpdate was made with data smaller than the block size, a small out of bounds wri...

SUSE: Security Advisory (SUSE-SU-2019:14260-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3347-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : thunderbird (CESA-2019:4195)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:4195 advisory. - Mozilla: Buffer overflow in plain text serializer CVE-2019-17005 - Mozilla: Use-after-free in worker destruction CVE-2019-17008 - Mozilla:...

Ubuntu: Security Advisory (USN-4335-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Amazon Linux 2 : thunderbird (ALAS-2020-1386)

The version of thunderbird installed on the remote host is prior to 68.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1386 advisory. The plain text serializer used a fixed-size array for the number of Under certain conditions, when checking the Resis...

USN-4241-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting XSS attacks, or execute arbitrary code...

openSUSE Security Update : MozillaFirefox (openSUSE-2020-2)

This update for MozillaFirefox fixes the following issues : Mozilla Firefox was updated to 68.3esr MFSA 2019-37 bsc1158328 Security issues fixed : - CVE-2019-17008: Fixed a use-after-free in worker destruction bmo1546331 - CVE-2019-13722: Fixed a stack corruption due to incorrect number of...

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2020:0003-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : MozillaThunderbird (openSUSE-2020-3)

This update for MozillaThunderbird fixes the following issues : Mozilla Thunderbird was updated to 68.3esr MFSA 2019-38 bsc1158328 Security issues fixed : - CVE-2019-17008: Fixed a use-after-free in worker destruction bmo1546331 - CVE-2019-13722: Fixed a stack corruption due to incorrect number o...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2020:0002-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:0003-1 Rating: important References: Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for MozillaThunderbird fixes the...

CVE-2019-17005

The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, and Firefox 71...

CVE-2019-17005

The CVE-2019-17005 issue is a memory safety vulnerability in Mozilla’s plain text serializer where a fixed-size array for the number of elements could overflow, causing memory corruption and a potentially exploitable crash. Affected products include Thunderbird, Firefox ESR, and Firefox (all ver...