English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.10.2018.0480
Categoría:Mageia Linux Local Security Checks
Título:Mageia: Security Advisory (MGASA-2018-0480)
Resumen:The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2018-0480 advisory.
Descripción:Summary:
The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2018-0480 advisory.

Vulnerability Insight:
- Buffer overflow using computed size of canvas element. (CVE-2018-12359)

- Use-after-free when using focus(). (CVE-2018-12360)

- Integer overflow in SwizzleData. (CVE-2018-12361)

- Integer overflow in SSSE3 scaler. (CVE-2018-12362)

- Media recorder segmentation fault when track type is changed during
capture. (CVE-2018-5156)

- Use-after-free when appending DOM nodes. (CVE-2018-12363)

- CSRF attacks through 307 redirects and NPAPI plugins. (CVE-2018-12364)

- Compromised IPC child process can list local filenames.
(CVE-2018-12365)

- Integer overflow in Skia library during edge builder allocation.
(CVE-2018-12371)

- Invalid data handling during QCMS transformations. (CVE-2018-12366)

- Timing attack mitigation of PerformanceNavigationTiming.
(CVE-2018-12367)

- No warning when opening executable SettingContent-ms files.
(CVE-2018-12368)

- Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and
Thunderbird 60. (CVE-2018-5187)

- Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, Firefox
ESR 52.9, and Thunderbird 60. (CVE-2018-5188)

- Use-after-free in refresh driver timers. (CVE-2018-12377)

- Use-after-free in IndexedDB. (CVE-2018-12378)

- Out-of-bounds write with malicious MAR file. (CVE-2018-12379)

- Proxy bypass using automount and autofs. (CVE-2017-16541)

- Crash in TransportSecurityInfo due to cached data. (CVE-2018-12385)

- Setting a master password post-Firefox 58 does not delete unencrypted
previously stored passwords. (CVE-2018-12383)

- Memory safety bugs fixed in Firefox 62, Firefox ESR 60.2, and
Thunderbird 60.2.1. (CVE-2018-12376)

- HTTP Live Stream audio data is accessible cross-origin.
(CVE-2018-12391)

- Crash with nested event loops. (CVE-2018-12392)

- Integer overflow during Unicode conversion while loading JavaScript.
(CVE-2018-12393)

- Memory safety bugs fixed in Firefox ESR 60.3 and Thunderbird 60.3.
(CVE-2018-12389)

- Memory safety bugs fixed in Firefox 63, Firefox ESR 60.3, and
Thunderbird 60.3. (CVE-2018-12390)

Affected Software/OS:
'thunderbird, thunderbird-l10n' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-16541
BugTraq ID: 101665
http://www.securityfocus.com/bid/101665
Debian Security Information: DSA-4327 (Google Search)
https://www.debian.org/security/2018/dsa-4327
https://security.gentoo.org/glsa/201810-01
https://security.gentoo.org/glsa/201811-13
https://blog.torproject.org/tor-browser-709-released
https://bugzilla.mozilla.org/show_bug.cgi?id=1412081
https://trac.torproject.org/projects/tor/ticket/24052
https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users/
https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/
https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html
RedHat Security Advisories: RHSA-2018:2692
https://access.redhat.com/errata/RHSA-2018:2692
RedHat Security Advisories: RHSA-2018:2693
https://access.redhat.com/errata/RHSA-2018:2693
RedHat Security Advisories: RHSA-2018:3403
https://access.redhat.com/errata/RHSA-2018:3403
RedHat Security Advisories: RHSA-2018:3458
https://access.redhat.com/errata/RHSA-2018:3458
http://www.securitytracker.com/id/1041610
Common Vulnerability Exposure (CVE) ID: CVE-2018-12359
BugTraq ID: 104555
http://www.securityfocus.com/bid/104555
Debian Security Information: DSA-4235 (Google Search)
https://www.debian.org/security/2018/dsa-4235
Debian Security Information: DSA-4244 (Google Search)
https://www.debian.org/security/2018/dsa-4244
https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html
RedHat Security Advisories: RHSA-2018:2112
https://access.redhat.com/errata/RHSA-2018:2112
RedHat Security Advisories: RHSA-2018:2113
https://access.redhat.com/errata/RHSA-2018:2113
RedHat Security Advisories: RHSA-2018:2251
https://access.redhat.com/errata/RHSA-2018:2251
RedHat Security Advisories: RHSA-2018:2252
https://access.redhat.com/errata/RHSA-2018:2252
http://www.securitytracker.com/id/1041193
https://usn.ubuntu.com/3705-1/
https://usn.ubuntu.com/3714-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12360
Common Vulnerability Exposure (CVE) ID: CVE-2018-12361
BugTraq ID: 104558
http://www.securityfocus.com/bid/104558
Debian Security Information: DSA-4295 (Google Search)
https://www.debian.org/security/2018/dsa-4295
Common Vulnerability Exposure (CVE) ID: CVE-2018-12362
BugTraq ID: 104560
http://www.securityfocus.com/bid/104560
Common Vulnerability Exposure (CVE) ID: CVE-2018-12363
Common Vulnerability Exposure (CVE) ID: CVE-2018-12364
Common Vulnerability Exposure (CVE) ID: CVE-2018-12365
Common Vulnerability Exposure (CVE) ID: CVE-2018-12366
Common Vulnerability Exposure (CVE) ID: CVE-2018-12367
BugTraq ID: 104561
http://www.securityfocus.com/bid/104561
Common Vulnerability Exposure (CVE) ID: CVE-2018-12368
https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39
Common Vulnerability Exposure (CVE) ID: CVE-2018-12371
https://bugzilla.mozilla.org/show_bug.cgi?id=1465686
https://www.mozilla.org/security/advisories/mfsa2018-15/
https://www.mozilla.org/security/advisories/mfsa2018-16/
https://www.mozilla.org/security/advisories/mfsa2018-19/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12376
BugTraq ID: 105280
http://www.securityfocus.com/bid/105280
Debian Security Information: DSA-4287 (Google Search)
https://www.debian.org/security/2018/dsa-4287
https://usn.ubuntu.com/3761-1/
https://usn.ubuntu.com/3793-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12377
Common Vulnerability Exposure (CVE) ID: CVE-2018-12378
Common Vulnerability Exposure (CVE) ID: CVE-2018-12379
Common Vulnerability Exposure (CVE) ID: CVE-2018-12383
BugTraq ID: 105276
http://www.securityfocus.com/bid/105276
Debian Security Information: DSA-4304 (Google Search)
https://www.debian.org/security/2018/dsa-4304
RedHat Security Advisories: RHSA-2018:2834
https://access.redhat.com/errata/RHSA-2018:2834
RedHat Security Advisories: RHSA-2018:2835
https://access.redhat.com/errata/RHSA-2018:2835
http://www.securitytracker.com/id/1041701
Common Vulnerability Exposure (CVE) ID: CVE-2018-12385
BugTraq ID: 105380
http://www.securityfocus.com/bid/105380
http://www.securitytracker.com/id/1041700
https://usn.ubuntu.com/3778-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12389
BugTraq ID: 105723
http://www.securityfocus.com/bid/105723
BugTraq ID: 105769
http://www.securityfocus.com/bid/105769
Debian Security Information: DSA-4324 (Google Search)
https://www.debian.org/security/2018/dsa-4324
Debian Security Information: DSA-4337 (Google Search)
https://www.debian.org/security/2018/dsa-4337
https://security.gentoo.org/glsa/201811-04
https://lists.debian.org/debian-lts-announce/2018/11/msg00008.html
RedHat Security Advisories: RHSA-2018:3005
https://access.redhat.com/errata/RHSA-2018:3005
RedHat Security Advisories: RHSA-2018:3006
https://access.redhat.com/errata/RHSA-2018:3006
RedHat Security Advisories: RHSA-2018:3531
https://access.redhat.com/errata/RHSA-2018:3531
RedHat Security Advisories: RHSA-2018:3532
https://access.redhat.com/errata/RHSA-2018:3532
http://www.securitytracker.com/id/1041944
https://usn.ubuntu.com/3868-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12390
BugTraq ID: 105718
http://www.securityfocus.com/bid/105718
https://usn.ubuntu.com/3801-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-12391
Common Vulnerability Exposure (CVE) ID: CVE-2018-12392
Common Vulnerability Exposure (CVE) ID: CVE-2018-12393
Common Vulnerability Exposure (CVE) ID: CVE-2018-5156
Common Vulnerability Exposure (CVE) ID: CVE-2018-5187
BugTraq ID: 104556
http://www.securityfocus.com/bid/104556
Common Vulnerability Exposure (CVE) ID: CVE-2018-5188
https://usn.ubuntu.com/3749-1/
CopyrightCopyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.