Showing 1 - 3 of 3

CVE-2017-7846

Status Candidate

Overview

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.

Related Files

Gentoo Linux Security Advisory 201803-14: Posted Mar 28, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201803-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 52.6.0 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, CVE-2017-7793, CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7805, CVE-2017-7807, CVE-2017-7809, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825, CVE-2017-7826, CVE-2017-7828, CVE-2017-7829, CVE-2017-7830, CVE-2017-7846; MD5 | 5ddbc925dbf0c2c815795cce8d5692dc; Download | Favorite | View

Ubuntu Security Notice USN-3529-1: Posted Jan 30, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.; tags | advisory, spoof, javascript; systems | linux, ubuntu; advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2018-5013, CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117; MD5 | d84c99d87e33bb182108e9d20d529f0f; Download | Favorite | View

Red Hat Security Advisory 2018-0061-01: Posted Jan 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.; tags | advisory, web, arbitrary; systems | linux, redhat; advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848; MD5 | 57ab4436794ccc7f5375e140dae03e15; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 109 files
Ubuntu 43 files
Gentoo 13 files
Apple 12 files
Benjamin Kunz Mejri 10 files
Google Security Research 9 files
Besim Altinok 6 files
BKpatron 6 files
Zied Aouini 5 files
h00die 5 files

File Archives

Systems

AIX (417)
Apple (1,724)
BSD (366)
Cisco (1,888)
Debian (5,944)
Fedora (1,688)
FreeBSD (1,239)
Gentoo (3,829)
HPUX (871)
iOS (261)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (37,627)
Mac OS X (668)
Mandriva (3,105)
NetBSD (255)
OpenBSD (471)
RedHat (8,582)
Slackware (941)
Solaris (1,591)
SUSE (1,444)
Ubuntu (6,683)
UNIX (8,660)
UnixWare (178)
Windows (5,635)
Other

CVE-2017-7846

Overview

Related Files

File Archive:

June 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems