Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2023-0034)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2023.0034
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2023-0034)
Resumen:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0034 advisory.
Descripción:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0034 advisory. Vulnerability Insight: libusrsctp library out of date. (CVE-2022-46871) Arbitrary file read from GTK drag and drop on Linux. (CVE-2023-23598) URL being dragged from cross-origin iframe into same tab triggers navigation. (CVE-2023-23601) Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers. (CVE-2023-23602) Fullscreen notification bypass. (CVE-2022-46877) Calls to `console.log` allowed bypasing Content Security Policy via format directive. (CVE-2023-23603) Memory safety bugs fixed in Thunderbird 102.7. (CVE-2023-23605) Revocation status of S/Mime signature certificates was not checked. (CVE-2023-0430) Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-46871 Debian Security Information: DSA-5322 (Google Search) https://www.debian.org/security/2023/dsa-5322 Debian Security Information: DSA-5355 (Google Search) https://www.debian.org/security/2023/dsa-5355 https://security.gentoo.org/glsa/202305-06 https://security.gentoo.org/glsa/202305-13 https://bugzilla.mozilla.org/show_bug.cgi?id=1795697 https://www.mozilla.org/security/advisories/mfsa2022-51/ https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2022-46877 https://bugzilla.mozilla.org/show_bug.cgi?id=1795139 Common Vulnerability Exposure (CVE) ID: CVE-2023-0430 https://bugzilla.mozilla.org/show_bug.cgi?id=1769000 https://www.mozilla.org/security/advisories/mfsa2023-04/ Common Vulnerability Exposure (CVE) ID: CVE-2023-23598 https://bugzilla.mozilla.org/show_bug.cgi?id=1800425 https://www.mozilla.org/security/advisories/mfsa2023-01/ https://www.mozilla.org/security/advisories/mfsa2023-02/ https://www.mozilla.org/security/advisories/mfsa2023-03/ Common Vulnerability Exposure (CVE) ID: CVE-2023-23601 https://bugzilla.mozilla.org/show_bug.cgi?id=1794268 Common Vulnerability Exposure (CVE) ID: CVE-2023-23602 https://bugzilla.mozilla.org/show_bug.cgi?id=1800890 Common Vulnerability Exposure (CVE) ID: CVE-2023-23603 https://bugzilla.mozilla.org/show_bug.cgi?id=1800832 Common Vulnerability Exposure (CVE) ID: CVE-2023-23605 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1764921%2C1802690%2C1806974
Copyright	Copyright (C) 2023 Greenbone AG