Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.851258
Kategorie:SuSE Local Security Checks
Titel:openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2016:0876-1)
Zusammenfassung:The remote host is missing an update for the 'MozillaThunderbird'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'MozillaThunderbird'
package(s) announced via the referenced advisory.

Vulnerability Insight:
MozillaThunderbird was updated to 38.7.0 to fix the following issues:

* Update to Thunderbird 38.7.0 (boo#969894)

* MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream
playback

* MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin policy violation
using performance.getEntries and history navigation

* MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety hazards

* MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and
potential privilege escalation through CSP reports

* MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright
when deleting an array during MP4 processing

* MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be
overridden

* MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free
in HTML5 string parser

* MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free
in SetBody

* MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using
multiple WebRTC data channels

* MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML
transformations

* MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though
history navigation and Location protocol property

* MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with
malicious NPAPI plugin

* MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML
parser following a failed allocation

* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the
Graphite 2 library

Affected Software/OS:
MozillaThunderbird on openSUSE Leap 42.1, openSUSE 13.2

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-4477
https://security.gentoo.org/glsa/201605-06
http://www.securitytracker.com/id/1033247
SuSE Security Announcement: openSUSE-SU-2015:1389 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
SuSE Security Announcement: openSUSE-SU-2015:1390 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
SuSE Security Announcement: openSUSE-SU-2016:0876 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
SuSE Security Announcement: openSUSE-SU-2016:0894 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
http://www.ubuntu.com/usn/USN-2702-1
http://www.ubuntu.com/usn/USN-2702-2
http://www.ubuntu.com/usn/USN-2702-3
Common Vulnerability Exposure (CVE) ID: CVE-2015-7207
BugTraq ID: 79280
http://www.securityfocus.com/bid/79280
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html
https://security.gentoo.org/glsa/201512-10
https://github.com/w3c/resource-timing/issues/29
http://www.securitytracker.com/id/1034426
SuSE Security Announcement: openSUSE-SU-2015:2353 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html
SuSE Security Announcement: openSUSE-SU-2016:0307 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
SuSE Security Announcement: openSUSE-SU-2016:0308 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
http://www.ubuntu.com/usn/USN-2833-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1952
Debian Security Information: DSA-3510 (Google Search)
http://www.debian.org/security/2016/dsa-3510
http://www.securitytracker.com/id/1035215
SuSE Security Announcement: SUSE-SU-2016:0727 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
SuSE Security Announcement: SUSE-SU-2016:0777 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
SuSE Security Announcement: SUSE-SU-2016:0820 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
SuSE Security Announcement: SUSE-SU-2016:0909 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
SuSE Security Announcement: openSUSE-SU-2016:0731 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
SuSE Security Announcement: openSUSE-SU-2016:0733 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
SuSE Security Announcement: openSUSE-SU-2016:1767 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
SuSE Security Announcement: openSUSE-SU-2016:1769 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
SuSE Security Announcement: openSUSE-SU-2016:1778 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
http://www.ubuntu.com/usn/USN-2917-1
http://www.ubuntu.com/usn/USN-2917-2
http://www.ubuntu.com/usn/USN-2917-3
http://www.ubuntu.com/usn/USN-2934-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1954
Debian Security Information: DSA-3520 (Google Search)
http://www.debian.org/security/2016/dsa-3520
Common Vulnerability Exposure (CVE) ID: CVE-2016-1957
Common Vulnerability Exposure (CVE) ID: CVE-2016-1958
Common Vulnerability Exposure (CVE) ID: CVE-2016-1960
https://www.exploit-db.com/exploits/42484/
https://www.exploit-db.com/exploits/44294/
http://zerodayinitiative.com/advisories/ZDI-16-198/
Common Vulnerability Exposure (CVE) ID: CVE-2016-1961
http://zerodayinitiative.com/advisories/ZDI-16-199/
Common Vulnerability Exposure (CVE) ID: CVE-2016-1962
Common Vulnerability Exposure (CVE) ID: CVE-2016-1964
Common Vulnerability Exposure (CVE) ID: CVE-2016-1965
Common Vulnerability Exposure (CVE) ID: CVE-2016-1966
Common Vulnerability Exposure (CVE) ID: CVE-2016-1974
Common Vulnerability Exposure (CVE) ID: CVE-2016-1977
BugTraq ID: 84222
http://www.securityfocus.com/bid/84222
Debian Security Information: DSA-3515 (Google Search)
http://www.debian.org/security/2016/dsa-3515
https://security.gentoo.org/glsa/201701-63
http://www.ubuntu.com/usn/USN-2927-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2790
Common Vulnerability Exposure (CVE) ID: CVE-2016-2791
Common Vulnerability Exposure (CVE) ID: CVE-2016-2792
Common Vulnerability Exposure (CVE) ID: CVE-2016-2793
Common Vulnerability Exposure (CVE) ID: CVE-2016-2794
Common Vulnerability Exposure (CVE) ID: CVE-2016-2795
Common Vulnerability Exposure (CVE) ID: CVE-2016-2796
Common Vulnerability Exposure (CVE) ID: CVE-2016-2797
Common Vulnerability Exposure (CVE) ID: CVE-2016-2798
Common Vulnerability Exposure (CVE) ID: CVE-2016-2799
Common Vulnerability Exposure (CVE) ID: CVE-2016-2800
Common Vulnerability Exposure (CVE) ID: CVE-2016-2801
Common Vulnerability Exposure (CVE) ID: CVE-2016-2802
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.