Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2023.0034
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2023-0034)
Zusammenfassung:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0034 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0034 advisory. Vulnerability Insight: libusrsctp library out of date. (CVE-2022-46871) Arbitrary file read from GTK drag and drop on Linux. (CVE-2023-23598) URL being dragged from cross-origin iframe into same tab triggers navigation. (CVE-2023-23601) Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers. (CVE-2023-23602) Fullscreen notification bypass. (CVE-2022-46877) Calls to console.log allowed bypasing Content Security Policy via format directive. (CVE-2023-23603) Memory safety bugs fixed in Thunderbird 102.7. (CVE-2023-23605) Revocation status of S/Mime signature certificates was not checked. (CVE-2023-0430) Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-46871 Debian Security Information: DSA-5322 (Google Search) https://www.debian.org/security/2023/dsa-5322 Debian Security Information: DSA-5355 (Google Search) https://www.debian.org/security/2023/dsa-5355 https://security.gentoo.org/glsa/202305-06 https://security.gentoo.org/glsa/202305-13 https://bugzilla.mozilla.org/show_bug.cgi?id=1795697 https://www.mozilla.org/security/advisories/mfsa2022-51/ https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2022-46877 https://bugzilla.mozilla.org/show_bug.cgi?id=1795139 Common Vulnerability Exposure (CVE) ID: CVE-2023-0430 https://bugzilla.mozilla.org/show_bug.cgi?id=1769000 https://www.mozilla.org/security/advisories/mfsa2023-04/ Common Vulnerability Exposure (CVE) ID: CVE-2023-23598 https://bugzilla.mozilla.org/show_bug.cgi?id=1800425 https://www.mozilla.org/security/advisories/mfsa2023-01/ https://www.mozilla.org/security/advisories/mfsa2023-02/ https://www.mozilla.org/security/advisories/mfsa2023-03/ Common Vulnerability Exposure (CVE) ID: CVE-2023-23601 https://bugzilla.mozilla.org/show_bug.cgi?id=1794268 Common Vulnerability Exposure (CVE) ID: CVE-2023-23602 https://bugzilla.mozilla.org/show_bug.cgi?id=1800890 Common Vulnerability Exposure (CVE) ID: CVE-2023-23603 https://bugzilla.mozilla.org/show_bug.cgi?id=1800832 Common Vulnerability Exposure (CVE) ID: CVE-2023-23605 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1764921%2C1802690%2C1806974
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.