Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2023-0309)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2023.0309

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2023-0309)

Resumen: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0309 advisory.

Descripción: Summary:
The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0309 advisory.

Vulnerability Insight:
The updated packages fix security vulnerabilities:

Queued up rendering could have allowed websites to clickjack.
(CVE-2023-5721)

Address bar spoofing via bidirectional characters. (CVE-2023-5732)

Large WebGL draw could have led to a crash. (CVE-2023-5724)

WebExtensions could open arbitrary URLs. (CVE-2023-5725)

Improper object tracking during GC in the JavaScript engine could have
led to a crash. (CVE-2023-5728)

Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and
Thunderbird 115.4.1. (CVE-2023-5730)

Affected Software/OS:
'thunderbird, thunderbird-l10n' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-5721
Debian Security Information: DSA-5535 (Google Search)
https://www.debian.org/security/2023/dsa-5535
Debian Security Information: DSA-5538 (Google Search)
https://www.debian.org/security/2023/dsa-5538
https://bugzilla.mozilla.org/show_bug.cgi?id=1830820
https://www.mozilla.org/security/advisories/mfsa2023-45/
https://www.mozilla.org/security/advisories/mfsa2023-46/
https://www.mozilla.org/security/advisories/mfsa2023-47/
https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-5724
https://bugzilla.mozilla.org/show_bug.cgi?id=1836705
Common Vulnerability Exposure (CVE) ID: CVE-2023-5725
https://bugzilla.mozilla.org/show_bug.cgi?id=1845739
Common Vulnerability Exposure (CVE) ID: CVE-2023-5728
https://bugzilla.mozilla.org/show_bug.cgi?id=1852729
Common Vulnerability Exposure (CVE) ID: CVE-2023-5730
Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695
Common Vulnerability Exposure (CVE) ID: CVE-2023-5732
https://bugzilla.mozilla.org/show_bug.cgi?id=1690979
https://bugzilla.mozilla.org/show_bug.cgi?id=1836962
https://www.mozilla.org/security/advisories/mfsa2023-34/

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2023.0309
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2023-0309)
Resumen:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0309 advisory.
Descripción:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2023-0309 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. (CVE-2023-5721) Address bar spoofing via bidirectional characters. (CVE-2023-5732) Large WebGL draw could have led to a crash. (CVE-2023-5724) WebExtensions could open arbitrary URLs. (CVE-2023-5725) Improper object tracking during GC in the JavaScript engine could have led to a crash. (CVE-2023-5728) Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1. (CVE-2023-5730) Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5721 Debian Security Information: DSA-5535 (Google Search) https://www.debian.org/security/2023/dsa-5535 Debian Security Information: DSA-5538 (Google Search) https://www.debian.org/security/2023/dsa-5538 https://bugzilla.mozilla.org/show_bug.cgi?id=1830820 https://www.mozilla.org/security/advisories/mfsa2023-45/ https://www.mozilla.org/security/advisories/mfsa2023-46/ https://www.mozilla.org/security/advisories/mfsa2023-47/ https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html Common Vulnerability Exposure (CVE) ID: CVE-2023-5724 https://bugzilla.mozilla.org/show_bug.cgi?id=1836705 Common Vulnerability Exposure (CVE) ID: CVE-2023-5725 https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 Common Vulnerability Exposure (CVE) ID: CVE-2023-5728 https://bugzilla.mozilla.org/show_bug.cgi?id=1852729 Common Vulnerability Exposure (CVE) ID: CVE-2023-5730 Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695 Common Vulnerability Exposure (CVE) ID: CVE-2023-5732 https://bugzilla.mozilla.org/show_bug.cgi?id=1690979 https://bugzilla.mozilla.org/show_bug.cgi?id=1836962 https://www.mozilla.org/security/advisories/mfsa2023-34/
Copyright	Copyright (C) 2023 Greenbone AG