exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

CVE-2017-7846

Status Candidate

Overview

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.

Related Files

Gentoo Linux Security Advisory 201803-14
Posted Mar 28, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201803-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 52.6.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, CVE-2017-7793, CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7805, CVE-2017-7807, CVE-2017-7809, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825, CVE-2017-7826, CVE-2017-7828, CVE-2017-7829, CVE-2017-7830, CVE-2017-7846
MD5 | 5ddbc925dbf0c2c815795cce8d5692dc
Ubuntu Security Notice USN-3529-1
Posted Jan 30, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.

tags | advisory, spoof, javascript
systems | linux, ubuntu
advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2018-5013, CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117
MD5 | d84c99d87e33bb182108e9d20d529f0f
Red Hat Security Advisory 2018-0061-01
Posted Jan 8, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848
MD5 | 57ab4436794ccc7f5375e140dae03e15
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    9 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close