Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-503-1
HistoryAug 25, 2007 - 12:00 a.m.

Thunderbird vulnerabilities

2007-08-2500:00:00
ubuntu.com
61

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.966 High

EPSS

Percentile

99.6%

JSON

Releases

  • Ubuntu 7.04
  • Ubuntu 6.10
  • Ubuntu 6.06

Packages

  • mozilla-thunderbird -

Details

Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious email, an attacker could execute
arbitrary code with the userโ€™s privileges. Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable it.
(CVE-2007-3734, CVE-2007-3735, CVE-2007-3844)

Jesper Johansson discovered that spaces and double-quotes were
not correctly handled when launching external programs. In rare
configurations, after tricking a user into opening a malicious email,
an attacker could execute helpers with arbitrary arguments with the
userโ€™s privileges. (CVE-2007-3670, CVE-2007-3845)

OSVersionArchitecturePackageVersionFilename
Ubuntu7.04noarchmozilla-thunderbird<ย 1.5.0.13-0ubuntu0.7.04UNKNOWN
Ubuntu7.04noarchmozilla-thunderbird-dev<ย 1.5.0.13-0ubuntu0.7.04UNKNOWN
Ubuntu7.04noarchmozilla-thunderbird-inspector<ย 1.5.0.13-0ubuntu0.7.04UNKNOWN
Ubuntu7.04noarchmozilla-thunderbird-typeaheadfind<ย 1.5.0.13-0ubuntu0.7.04UNKNOWN
Ubuntu6.10noarchmozilla-thunderbird<ย 1.5.0.13-0ubuntu0.6.10UNKNOWN
Ubuntu6.10noarchmozilla-thunderbird-dev<ย 1.5.0.13-0ubuntu0.6.10UNKNOWN
Ubuntu6.10noarchmozilla-thunderbird-inspector<ย 1.5.0.13-0ubuntu0.6.10UNKNOWN
Ubuntu6.10noarchmozilla-thunderbird-typeaheadfind<ย 1.5.0.13-0ubuntu0.6.10UNKNOWN
Ubuntu6.06noarchmozilla-thunderbird<ย 1.5.0.13-0ubuntu0.6.06UNKNOWN
Ubuntu6.06noarchmozilla-thunderbird-dev<ย 1.5.0.13-0ubuntu0.6.06UNKNOWN
Rows per page:
1-10 of 121

Related

openvas 51
nessus 49
osv 6
debian 6
securityvulns 8
ubuntu 1
mozilla 5
gentoo 1
checkpoint_advisories 2
seebug 2
suse 1
freebsd 1
cert 2
veracode 3
ubuntucve 8
prion 14
cve 14
chrome 1
fedora 10
redhat 3
oraclelinux 3
centos 4
redhatcve 3
myhack58 1
openvas
openvas
Ubuntu Update for mozilla-thunderbird vulnerabilities USN-503-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-503-1)
2009-03-23 00:00:00
Mandriva Update for mozilla-thunderbird MDVSA-2007:047 (mozilla-thunderbird)
2009-04-09 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 : mozilla-thunderbird vulnerabilities (USN-503-1)
2007-11-10 00:00:00
Debian DSA-1391-1 : icedove - several vulnerabilities
2007-10-25 00:00:00
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2008:047)
2009-04-23 00:00:00
osv
osv
icedove - several vulnerabilities
2007-10-19 00:00:00
xulrunner
2007-08-04 00:00:00
iceweasel
2007-08-03 00:00:00
debian
debian
[SECURITY] [DSA 1391-1] New icedove packages fix several vulnerabilities
2007-10-19 15:55:05
[SECURITY] [DSA 1346-1] New iceape packages fix several vulnerabilities
2007-08-04 11:54:19
[SECURITY] [DSA 1345-1] New xulrunner packages fix several vulnerabilities
2007-08-04 11:42:41
securityvulns
securityvulns
Mozilla Firefox / Thunderbird URL processing code execution
2007-08-01 00:00:00
Mozilla Foundation Security Advisory 2007-18
2007-07-19 00:00:00
Mozilla Foundation Security Advisory 2007-26
2007-08-01 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2007-08-01 00:00:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.8.1.5) โ€” Mozilla
2007-07-17 00:00:00
Unescaped URIs passed to external programs โ€” Mozilla
2007-07-30 00:00:00
Privilege escalation through chrome-loaded about:blank windows โ€” Mozilla
2007-07-30 00:00:00
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2007-08-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Design Mode Deleted Style Reference Memory Corruption - Ver2 (CVE-2007-3734)
2014-12-28 00:00:00
Firefox Protocol Handler Code Execution - Ver2 (CVE-2007-3845)
2014-12-28 00:00:00
seebug
seebug
Mozilla Firefox 2.0.0.4ๅคšไธช่ฟœ็จ‹ๅฎ‰ๅ…จๆผๆดž
2007-07-19 00:00:00
Firefox/Thunderbird/SeaMonkey ChromeๅŠ ่ฝฝabout:blank็ช—ๅฃๆƒ้™ๆๅ‡ๆผๆดž
2007-08-07 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2007-08-02 16:31:06
freebsd
freebsd
mozilla -- multiple vulnerabilities
2007-07-17 00:00:00
cert
cert
Mozilla Firefox URI filtering vulnerability
2007-07-26 00:00:00
Mozilla Firefox URL protocol handling vulnerability
2007-07-11 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:17:15
Denial Of Service (DoS)
2020-04-10 00:20:21
Arbitrary Code Execution
2020-04-10 00:17:16
ubuntucve
ubuntucve
CVE-2007-3734
2007-07-18 00:00:00
CVE-2007-3670
2007-07-10 00:00:00
CVE-2007-3735
2007-07-18 00:00:00
prion
prion
Memory corruption
2007-07-18 17:30:00
Memory corruption
2007-07-18 17:30:00
Cross site scripting
2007-07-10 19:30:00
cve
cve
CVE-2007-3734
2007-07-18 17:30:00
CVE-2007-3670
2007-07-10 19:30:00
CVE-2007-3735
2007-07-18 17:30:00
chrome
chrome
Stable and Beta Update: Incognito Mode Fix
2009-02-03 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-2.fc6
2007-07-20 16:21:25
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.5-1.fc7
2007-07-20 19:32:33
[SECURITY] Fedora 7 Update: devhelp-0.13-9.fc7
2007-07-18 20:56:37
redhat
redhat
(RHSA-2007:0723) Moderate: thunderbird security update
2007-07-18 00:00:00
(RHSA-2007:0722) Critical: seamonkey security update
2007-07-18 00:00:00
(RHSA-2007:0724) Critical: firefox security update
2007-07-18 00:00:00
oraclelinux
oraclelinux
Moderate: thunderbird security update
2007-07-19 00:00:00
Critical: seamonkey security update
2007-07-19 00:00:00
Critical: firefox security update
2007-07-19 00:00:00
centos
centos
thunderbird security update
2007-07-19 19:16:54
seamonkey security update
2007-07-20 05:54:56
seamonkey security update
2007-07-19 11:53:21
redhatcve
redhatcve
CVE-2007-4841
2015-10-30 09:30:54
CVE-2007-4038
2015-10-30 10:30:05
CVE-2007-4039
2015-10-30 10:30:00
myhack58
myhack58
Talking about the URI Schemes of use-vulnerability warning-the black bar safety net
2019-05-28 00:00:00

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.966 High

EPSS

Percentile

99.6%

JSON
Related for USN-503-1
openvas51nessus49osv6debian6securityvulns8ubuntu1mozilla5gentoo1checkpoint_advisories2seebug2suse1freebsd1cert2veracode3ubuntucve8prion14cve14chrome1fedora10redhat3oraclelinux3centos4redhatcve3myhack581