Test ID:	1.3.6.1.4.1.25623.1.0.843304
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3416-1)
Summary:	The remote host is missing an update for the 'thunderbird' package(s) announced via the USN-3416-1 advisory.
Description:	Summary: The remote host is missing an update for the 'thunderbird' package(s) announced via the USN-3416-1 advisory. Vulnerability Insight: Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same-origin restrictions, bypass CSP restrictions, obtain sensitive information, spoof the origin of modal alerts, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7807, CVE-2017-7809) A buffer overflow was discovered when displaying SVG content in some circumstances. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-7786) Affected Software/OS: 'thunderbird' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 17.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7753 BugTraq ID: 100315 http://www.securityfocus.com/bid/100315 Debian Security Information: DSA-3928 (Google Search) https://www.debian.org/security/2017/dsa-3928 Debian Security Information: DSA-3968 (Google Search) https://www.debian.org/security/2017/dsa-3968 https://security.gentoo.org/glsa/201803-14 RedHat Security Advisories: RHSA-2017:2456 https://access.redhat.com/errata/RHSA-2017:2456 RedHat Security Advisories: RHSA-2017:2534 https://access.redhat.com/errata/RHSA-2017:2534 http://www.securitytracker.com/id/1039124 Common Vulnerability Exposure (CVE) ID: CVE-2017-7779 BugTraq ID: 100201 http://www.securityfocus.com/bid/100201 Common Vulnerability Exposure (CVE) ID: CVE-2017-7784 BugTraq ID: 100202 http://www.securityfocus.com/bid/100202 Common Vulnerability Exposure (CVE) ID: CVE-2017-7785 BugTraq ID: 100206 http://www.securityfocus.com/bid/100206 Common Vulnerability Exposure (CVE) ID: CVE-2017-7786 Common Vulnerability Exposure (CVE) ID: CVE-2017-7787 BugTraq ID: 100234 http://www.securityfocus.com/bid/100234 Common Vulnerability Exposure (CVE) ID: CVE-2017-7791 BugTraq ID: 100240 http://www.securityfocus.com/bid/100240 Common Vulnerability Exposure (CVE) ID: CVE-2017-7792 Common Vulnerability Exposure (CVE) ID: CVE-2017-7800 BugTraq ID: 100196 http://www.securityfocus.com/bid/100196 Common Vulnerability Exposure (CVE) ID: CVE-2017-7801 BugTraq ID: 100197 http://www.securityfocus.com/bid/100197 Common Vulnerability Exposure (CVE) ID: CVE-2017-7802 Common Vulnerability Exposure (CVE) ID: CVE-2017-7803 Common Vulnerability Exposure (CVE) ID: CVE-2017-7807 BugTraq ID: 100242 http://www.securityfocus.com/bid/100242 Common Vulnerability Exposure (CVE) ID: CVE-2017-7809 BugTraq ID: 100203 http://www.securityfocus.com/bid/100203
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.