Veracode Vulnerability DatabaseVERACODE:24598Arbitrary Code Execution
0.107 Low
EPSS
Percentile
95.1%
thunderbird/firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
References
lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html
secunia.com/advisories/45002
support.avaya.com/css/P8/documents/100144854
support.avaya.com/css/P8/documents/100145333
www.debian.org/security/2011/dsa-2268
www.debian.org/security/2011/dsa-2269
www.debian.org/security/2011/dsa-2273
www.mandriva.com/security/advisories?name=MDVSA-2011:111
www.mozilla.org/security/announce/2011/mfsa2011-20.html
www.redhat.com/support/errata/RHSA-2011-0885.html
www.redhat.com/support/errata/RHSA-2011-0887.html
www.redhat.com/support/errata/RHSA-2011-0888.html
www.ubuntu.com/usn/USN-1149-1
access.redhat.com/errata/RHSA-2011:0888
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=617247
exchange.xforce.ibmcloud.com/vulnerabilities/68133
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14178
Related
