Showing 1 - 3 of 3

CVE-2017-7846

Status Candidate

Overview

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.

Related Files

Gentoo Linux Security Advisory 201803-14: Posted Mar 28, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201803-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 52.6.0 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, CVE-2017-7793, CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7805, CVE-2017-7807, CVE-2017-7809, CVE-2017-7810, CVE-2017-7814, CVE-2017-7818, CVE-2017-7819, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825, CVE-2017-7826, CVE-2017-7828, CVE-2017-7829, CVE-2017-7830, CVE-2017-7846; MD5 | 5ddbc925dbf0c2c815795cce8d5692dc; Download | Favorite | View

Ubuntu Security Notice USN-3529-1: Posted Jan 30, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3529-1 - It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. Various other issues were also addressed.; tags | advisory, spoof, javascript; systems | linux, ubuntu; advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2018-5013, CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117; MD5 | d84c99d87e33bb182108e9d20d529f0f; Download | Favorite | View

Red Hat Security Advisory 2018-0061-01: Posted Jan 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.; tags | advisory, web, arbitrary; systems | linux, redhat; advisories | CVE-2017-7829, CVE-2017-7846, CVE-2017-7847, CVE-2017-7848; MD5 | 57ab4436794ccc7f5375e140dae03e15; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 53 files
Ubuntu 29 files
Gentoo 26 files
malvuln 26 files
Jeremy Brown 7 files
Mesut Cetin 6 files
Aakash Madaan 6 files
SunCSR 6 files
1F98D 5 files
Georg Ph E Heise 5 files

File Archives

Systems

AIX (421)
Apple (1,760)
BSD (368)
Cisco (1,901)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,010)
HPUX (873)
iOS (280)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,200)
Mac OS X (672)
Mandriva (3,105)
NetBSD (255)
OpenBSD (472)
RedHat (9,543)
Slackware (941)
Solaris (1,597)
SUSE (1,444)
Ubuntu (7,062)
UNIX (8,822)
UnixWare (180)
Windows (5,721)
Other

CVE-2017-7846

Overview

Related Files

File Archive:

January 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems