RHEL 7 : thunderbird (RHSA-2019:1626)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1626 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fixes: Mozilla:...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

radare2/ia_fuzz: Stack-buffer-overflow in string_scan_range

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5638315212013568 Project: radare2 Fuzzer: libFuzzerradare2iafuzz Fuzz target binary: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

FreeBSD : Mozilla -- multiple vulnerabilities (98f1241f-8c09-4237-ad0d-67fb4158ea7a)

Mozilla Foundation reports : CVE-2019-11703: Heap buffer overflow in icalparser.c A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. CVE-2019-11704: Heap buffer...

c-ares/ares_parse_reply_fuzzer: Stack-buffer-overflow in ares_parse_aaaa_reply

Project: https://github.com/c-ares/c-ares.git Detailed report: https://oss-fuzz.com/testcase?key=5683497160671232 Project: c-ares Fuzzer: libFuzzerc-aresaresparsereplyfuzzer Fuzz target binary: aresparsereplyfuzzer Job Type: libfuzzerasanc-ares Platform Id: linux Crash Type: Stack-buffer-overflow...

openthread/ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::Message::Write

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5734126906245120 Project: openthread Fuzzer: aflopenthreadncp-uart-received-fuzzer Fuzz target binary: ncp-uart-received-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type:...

MGASA-2019-0193 Updated thunderbird packages fix security vulnerabilities

The updated thunderbird packages fix some bugs and security vulnerabilities: Heap buffer overflow in icalparser.c. CVE-2019-11703 Heap buffer overflow in icalvalue.c. CVE-2019-11704 Stack buffer overflow in icalrecur.c. CVE-2019-11705 Type confusion in icalproperty.c. CVE-2019-11706...

openthread/radio-receive-done-fuzzer: Stack-buffer-overflow in ot::Message::Write

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5759171934289920 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Cra...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::MeshCoP::DatasetManager::HandleSet

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5683612520808448 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...

curl: NTLMv2 type-3 header stack buffer overflow

A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash...

Mozilla Thunderbird < 60.7.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules...

Mozilla Thunderbird < 60.7.1

The version of Thunderbird installed on the remote Windows host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when...

ffmpeg/ffmpeg_DEMUXER_fuzzer: Stack-buffer-overflow in get_v

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5658245101780992 Project: ffmpeg Fuzzer: libFuzzerffmpegDEMUXERfuzzer Fuzz target binary: ffmpegDEMUXERfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Cra...

imagemagick/encoder_heic_fuzzer: Stack-buffer-overflow in std::__1::shared_ptr<heif::HeifPixelImage>::~shared_ptr

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5638446846050304 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderheicfuzzer Fuzz target binary: encoderheicfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

Foxit PDF SDK ActiveX < 5.5.1 Multiple Vulnerabilities

According to its version, the Foxit PDF SDK ActiveX application installed on the remote Windows host is prior to 5.5.1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists due to a lack of security permission control which could allow LaunchURL...

[ASA-201906-10] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201906-10 ========================================== Severity: High Date : 2019-06-14 CVE-ID : CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-980 Summa...

CVE-2019-11705

A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...

Security vulnerabilities fixed in Thunderbird 60.7.1 — Mozilla

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when...

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11703: Heap buffer overflow in icalparser.c A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. CVE-2019-11704: Heap buffer...