Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.809821
Kategorie:General
Titel:Mozilla Thunderbird Security Update (mfsa_2016-93_2016-93) - Windows
Zusammenfassung:Mozilla Thunderbird is prone to multiple vulnerabilities.
Beschreibung:Summary:
Mozilla Thunderbird is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- Heap-buffer-overflow WRITE in rasterize_edges_1.

- Arbitrary target directory for result files of update process.

- Incorrect argument length checking in JavaScript.

- Integer overflow leading to a buffer overflow in nsScriptLoadHandler.

- Same-origin policy violation using local HTML file and saved shortcut file.

- Insufficient timing side-channel resistance in divSpoiler.

Vulnerability Impact:
Successful exploitation of this vulnerability
will allow remote attackers to execute arbitrary code, to delete arbitrary files
by leveraging certain local file execution, to obtain sensitive information, and
to cause a denial of service.

Affected Software/OS:
Mozilla Thunderbird versions before 45.5.

Solution:
Update to version 45.5 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 94339
BugTraq ID: 94336
BugTraq ID: 94341
BugTraq ID: 94335
Common Vulnerability Exposure (CVE) ID: CVE-2016-5296
http://www.securityfocus.com/bid/94339
Debian Security Information: DSA-3730 (Google Search)
https://www.debian.org/security/2016/dsa-3730
https://security.gentoo.org/glsa/201701-15
RedHat Security Advisories: RHSA-2016:2780
http://rhn.redhat.com/errata/RHSA-2016-2780.html
http://www.securitytracker.com/id/1037298
Common Vulnerability Exposure (CVE) ID: CVE-2016-5294
http://www.securityfocus.com/bid/94336
Common Vulnerability Exposure (CVE) ID: CVE-2016-5297
Common Vulnerability Exposure (CVE) ID: CVE-2016-9066
Common Vulnerability Exposure (CVE) ID: CVE-2016-5291
Common Vulnerability Exposure (CVE) ID: CVE-2016-9074
http://www.securityfocus.com/bid/94341
https://security.gentoo.org/glsa/201701-46
Common Vulnerability Exposure (CVE) ID: CVE-2016-5290
http://www.securityfocus.com/bid/94335
RedHat Security Advisories: RHSA-2016:2825
http://rhn.redhat.com/errata/RHSA-2016-2825.html
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.