Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0050)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2024.0050

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2024-0050)

Resumen: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2024-0050 advisory.

Descripción: Summary:
The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2024-0050 advisory.

Vulnerability Insight:
The updated packages fix security vulnerabilities:
Out-of-bounds memory read in networking channels. (CVE-2024-1546)
Alert dialog could have been spoofed on another site. (CVE-2024-1547)
Fullscreen Notification could have been hidden by select element.
(CVE-2024-1548)
Custom cursor could obscure the permission dialog. (CVE-2024-1549)
Mouse cursor re-positioned unexpectedly could have led to unintended
permission grants. (CVE-2024-1550)
Multipart HTTP Responses would accept the Set-Cookie header in response
parts. (CVE-2024-1551)
Incorrect code generation on 32-bit ARM devices. (CVE-2024-1552)
Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and
Thunderbird 115.8. (CVE-2024-1553)

Affected Software/OS:
'thunderbird, thunderbird-l10n' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:C/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-1546
https://bugzilla.mozilla.org/show_bug.cgi?id=1843752
https://www.mozilla.org/security/advisories/mfsa2024-05/
https://www.mozilla.org/security/advisories/mfsa2024-06/
https://www.mozilla.org/security/advisories/mfsa2024-07/
https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2024-1547
https://bugzilla.mozilla.org/show_bug.cgi?id=1877879
Common Vulnerability Exposure (CVE) ID: CVE-2024-1548
https://bugzilla.mozilla.org/show_bug.cgi?id=1832627
Common Vulnerability Exposure (CVE) ID: CVE-2024-1549
https://bugzilla.mozilla.org/show_bug.cgi?id=1833814
Common Vulnerability Exposure (CVE) ID: CVE-2024-1550
https://bugzilla.mozilla.org/show_bug.cgi?id=1860065
Common Vulnerability Exposure (CVE) ID: CVE-2024-1551
https://bugzilla.mozilla.org/show_bug.cgi?id=1864385
Common Vulnerability Exposure (CVE) ID: CVE-2024-1552
https://bugzilla.mozilla.org/show_bug.cgi?id=1874502
Common Vulnerability Exposure (CVE) ID: CVE-2024-1553
Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0050
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0050)
Resumen:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2024-0050 advisory.
Descripción:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2024-0050 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: Out-of-bounds memory read in networking channels. (CVE-2024-1546) Alert dialog could have been spoofed on another site. (CVE-2024-1547) Fullscreen Notification could have been hidden by select element. (CVE-2024-1548) Custom cursor could obscure the permission dialog. (CVE-2024-1549) Mouse cursor re-positioned unexpectedly could have led to unintended permission grants. (CVE-2024-1550) Multipart HTTP Responses would accept the Set-Cookie header in response parts. (CVE-2024-1551) Incorrect code generation on 32-bit ARM devices. (CVE-2024-1552) Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. (CVE-2024-1553) Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-1546 https://bugzilla.mozilla.org/show_bug.cgi?id=1843752 https://www.mozilla.org/security/advisories/mfsa2024-05/ https://www.mozilla.org/security/advisories/mfsa2024-06/ https://www.mozilla.org/security/advisories/mfsa2024-07/ https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2024-1547 https://bugzilla.mozilla.org/show_bug.cgi?id=1877879 Common Vulnerability Exposure (CVE) ID: CVE-2024-1548 https://bugzilla.mozilla.org/show_bug.cgi?id=1832627 Common Vulnerability Exposure (CVE) ID: CVE-2024-1549 https://bugzilla.mozilla.org/show_bug.cgi?id=1833814 Common Vulnerability Exposure (CVE) ID: CVE-2024-1550 https://bugzilla.mozilla.org/show_bug.cgi?id=1860065 Common Vulnerability Exposure (CVE) ID: CVE-2024-1551 https://bugzilla.mozilla.org/show_bug.cgi?id=1864385 Common Vulnerability Exposure (CVE) ID: CVE-2024-1552 https://bugzilla.mozilla.org/show_bug.cgi?id=1874502 Common Vulnerability Exposure (CVE) ID: CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286
Copyright	Copyright (C) 2024 Greenbone AG