Gentoo Linux Security Advisory 201803-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 52.6.0 are affected.
1f3a94ceae3f19b557b9b182f96a0256325f4f1e1effd4be0f02b5e62dec3892Ubuntu Security Notice 3477-4 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. Various other issues were also addressed.
d602c30afc36eea09eaf2bc581881faa087a17f86a06f99eb5a6e1e0e46fab65Debian Linux Security Advisory 4061-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
172c96f61e24947755622149176d0f25a172d4a0fd3c02dbb07f0f536eae4917Red Hat Security Advisory 2017-3372-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
6b1d275afe40471b45a0ce2400da019aa8aa6e21260f9401fa33d98774aa13aaUbuntu Security Notice 3490-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing-like context, an attacker could potentially exploit these to bypass same-origin restrictions, cause a denial of service via application crash, or execute arbitrary code.
8865834d048308c75d460b35d2d88a91e987a3fa7a626ec895c16af3fd6a09fdUbuntu Security Notice 3477-3 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.
3a399722a8fed6b27405ec5f9c9112bdb399c08de54e945ba0f23e69c02ebbfcUbuntu Security Notice 3477-2 - USN-3477-1 fixed vulnerabilities in Firefox. The update caused search suggestions to not be displayed when performing Google searches from the search bar. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.
9d86fd5032018e790c3b211d4a6351a163087b4a1457ea87bb4f30d6d755a7b4Red Hat Security Advisory 2017-3247-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.5.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
8e16534b09b23a33b0a419c297e51028a2923401e71e964c16ebcc9a5811ec77Ubuntu Security Notice 3477-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. Various other issues were also addressed.
84991dce94f63fa4afac41edc8d77c29b37c17f84c726d1811a0aa0654b71910Debian Linux Security Advisory 4035-1 - Several security issues have been found in the Mozilla Firefox web implementation errors may lead to the execution of arbitrary code, denial of service or bypass of the same origin policy.
1acda4f902a26eda78668456bf7fdcdef130e7ff2ba1aa57be0f39a6e75d307d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed