Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.809821 |
Categoría: | General |
Título: | Mozilla Thunderbird Security Update (mfsa_2016-93_2016-93) - Windows |
Resumen: | Mozilla Thunderbird is prone to multiple vulnerabilities. |
Descripción: | Summary: Mozilla Thunderbird is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Heap-buffer-overflow WRITE in rasterize_edges_1. - Arbitrary target directory for result files of update process. - Incorrect argument length checking in JavaScript. - Integer overflow leading to a buffer overflow in nsScriptLoadHandler. - Same-origin policy violation using local HTML file and saved shortcut file. - Insufficient timing side-channel resistance in divSpoiler. Vulnerability Impact: Successful exploitation of this vulnerability will allow remote attackers to execute arbitrary code, to delete arbitrary files by leveraging certain local file execution, to obtain sensitive information, and to cause a denial of service. Affected Software/OS: Mozilla Thunderbird versions before 45.5. Solution: Update to version 45.5 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
BugTraq ID: 94339 BugTraq ID: 94336 BugTraq ID: 94341 BugTraq ID: 94335 Common Vulnerability Exposure (CVE) ID: CVE-2016-5296 http://www.securityfocus.com/bid/94339 Debian Security Information: DSA-3730 (Google Search) https://www.debian.org/security/2016/dsa-3730 https://security.gentoo.org/glsa/201701-15 RedHat Security Advisories: RHSA-2016:2780 http://rhn.redhat.com/errata/RHSA-2016-2780.html http://www.securitytracker.com/id/1037298 Common Vulnerability Exposure (CVE) ID: CVE-2016-5294 http://www.securityfocus.com/bid/94336 Common Vulnerability Exposure (CVE) ID: CVE-2016-5297 Common Vulnerability Exposure (CVE) ID: CVE-2016-9066 Common Vulnerability Exposure (CVE) ID: CVE-2016-5291 Common Vulnerability Exposure (CVE) ID: CVE-2016-9074 http://www.securityfocus.com/bid/94341 https://security.gentoo.org/glsa/201701-46 Common Vulnerability Exposure (CVE) ID: CVE-2016-5290 http://www.securityfocus.com/bid/94335 RedHat Security Advisories: RHSA-2016:2825 http://rhn.redhat.com/errata/RHSA-2016-2825.html |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |