Showing 1 - 3 of 3

CVE-2017-7846

Status Candidate

Overview

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.

Related Files

Gentoo Linux Security Advisory 201803-14: Posted Mar 28, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201803-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 52.6.0 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, CVE-2017-7793, CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7805, CVE-2017-7807, CVE-2017-7809, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825, CVE-2017-7826, CVE-2017-7828, CVE-2017-7829, CVE-2017-7830, CVE-2017-7846; MD5 | 5ddbc925dbf0c2c815795cce8d5692dc; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-3529-1: Posted Jan 30, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.; tags | advisory, spoof, javascript; systems | linux, ubuntu; advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2018-5013, CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117; MD5 | d84c99d87e33bb182108e9d20d529f0f; Download | Favorite | Comments (0)

Red Hat Security Advisory 2018-0061-01: Posted Jan 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.; tags | advisory, web, arbitrary; systems | linux, redhat; advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848; MD5 | 57ab4436794ccc7f5375e140dae03e15; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 62 files
Ihsan Sencan 48 files
Google Security Research 39 files
Ubuntu 38 files
Ismail Tasdelen 30 files
Debian 16 files
LiquidWorm 9 files
Ivan Fratric 9 files
Jann Horn 9 files
ianbeer 8 files

File Archives

Systems

AIX (411)
Apple (1,586)
BSD (341)
Cisco (1,827)
Debian (5,617)
Fedora (1,683)
FreeBSD (1,201)
Gentoo (3,598)
HPUX (867)
iOS (190)
iPhone (104)
IRIX (219)
Juniper (66)
Linux (34,187)
Mac OS X (653)
Mandriva (3,105)
NetBSD (255)
OpenBSD (458)
RedHat (6,824)
Slackware (858)
Solaris (1,575)
SUSE (1,444)
Ubuntu (5,843)
UNIX (8,350)
UnixWare (174)
Windows (5,386)
Other

CVE-2017-7846

Overview

Related Files

File Archive:

October 2018

Top Authors In Last 30 Days

File Tags

File Archives

Systems