Veracode Vulnerability DatabaseVERACODE:11692Denial Of Service
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Mozilla Thunderbird is vulnerable to denial of service (DoS) attack. It is possible because it does not prevent the processing of malformed web content, allowing the application to crash.
References
lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html
lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
rhn.redhat.com/errata/RHSA-2015-0988.html
rhn.redhat.com/errata/RHSA-2015-1012.html
www.debian.org/security/2015/dsa-3260
www.debian.org/security/2015/dsa-3264
www.mozilla.org/security/announce/2015/mfsa2015-46.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securityfocus.com/bid/74615
www.ubuntu.com/usn/USN-2602-1
www.ubuntu.com/usn/USN-2603-1
access.redhat.com/security/updates/classification/#important
bugzilla.mozilla.org/show_bug.cgi?id=1120655
bugzilla.mozilla.org/show_bug.cgi?id=1143299
bugzilla.mozilla.org/show_bug.cgi?id=1151139
bugzilla.mozilla.org/show_bug.cgi?id=1152177
rhn.redhat.com/errata/RHSA-2015-1012.html
security.gentoo.org/glsa/201605-06
www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P