|Title:||Mozilla Thunderbird Security Updates(mfsa_2017-03_2017-03)-MAC OS X|
|Summary:||This host is installed with Mozilla; Thunderbird and is prone to multiple vulnerabilities.|
This host is installed with Mozilla
Thunderbird and is prone to multiple vulnerabilities.
The multiple flaws exist due to,
- Excessive JIT code allocation allows bypass of ASLR and DEP.
- Use-after-free in XSL.
- Potential use-after-free during DOM manipulations.
- Insecure communication methods in Developer Tools JSON viewer.
- Use-after-free with Media Decoder.
- Location bar spoofing with unicode characters.
- Memory safety bugs fixed in Thunderbird 45.7..
Successful exploitation of this vulnerability
will allow remote attackers to execute arbitrary code, to delete arbitrary files
by leveraging certain local file execution, to obtain sensitive information,
and to cause a denial of service.
Impact Level: System/Application.
Mozilla Thunderbird version before
45.7 on MAC OS X.
Upgrade to Mozilla Thunderbird version 45.7
For updates refer https://www.mozilla.org/en-US/thunderbird
BugTraq ID: 95757|
BugTraq ID: 95758
BugTraq ID: 95769
BugTraq ID: 95762
Common Vulnerability Exposure (CVE) ID: CVE-2017-5375
Common Vulnerability Exposure (CVE) ID: CVE-2017-5376
Common Vulnerability Exposure (CVE) ID: CVE-2017-5378
Common Vulnerability Exposure (CVE) ID: CVE-2017-5380
Common Vulnerability Exposure (CVE) ID: CVE-2017-5390
Common Vulnerability Exposure (CVE) ID: CVE-2017-5396
Common Vulnerability Exposure (CVE) ID: CVE-2017-5383
Common Vulnerability Exposure (CVE) ID: CVE-2017-5373
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 54701 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.