Ubuntu Security Notice 3165-1 - Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. Andrew Krasichkov discovered that event handlers on <marquee> elements were executed despite a Content Security Policy that disallowed inline JavaScript. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.
a6d7c87b94507e79d2f3c6cb057b062f2bd412b17f050878ba193c58deebfa3dDebian Linux Security Advisory 3757-1 - Multiple security issues have been found in Icedove, Debian's version of to the execution of arbitrary code, data leakage or bypass of the content security policy.
0a02d9d8783bc95b8d2aa6e9b7e1928fedda468aa86f0fc8a031b59bc1658458Red Hat Security Advisory 2016-2973-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.6.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
f0801e28a9ec678eea4dd18d37df46861e8acb9138002bbb0ab0f20eb0c58c65Red Hat Security Advisory 2016-2946-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.6.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
84564515b5f9d776044d365d809f99f157eb14f3275091f7c8501626652858c4Ubuntu Security Notice 3155-1 - Multiple security vulnerabilities were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting attacks, obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
b6364d5c8c628bdd3dd607dcd630f92aac73f757ae6bad2d66a2c640a03b6bf8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed