Ubuntu Security Notice 4202-2 - USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting attacks, or execute arbitrary code. A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.
0508b25ed86166d9e8ad492da3dab33c26ea8d976fc0c2aaea774bea64b55912Gentoo Linux Security Advisory 201911-8 - Multiple vulnerabilities have been found in Expat, the worst of which could result in a Denial of Service condition. Versions less than 2.2.8 are affected.
47162c7e1df3889457be23a657c191abf49d902bd68ccdb3bc1755160377b0d2Debian Linux Security Advisory 4571-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service.
d1da11dc68e0e483876a30896b2795e84ff6d0181f67e226306de8a7caa0ee6dRed Hat Security Advisory 2019-3756-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
59bfe19103b4687534079d95b182dc1f8f3e30930f4ee500b46157a6721ebe55Red Hat Security Advisory 2019-3237-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
6e152cb6de1e407aa24b73531b0f86c2b267e661039302e9f7cebbccf0d21018Red Hat Security Advisory 2019-3210-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
eab73ea98afa2e510f2453560cb7938674b64634ab997ecd098678cd1b3c6421Debian Linux Security Advisory 4549-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service.
c2f9b81b56dcc0573ebe0c44438c4c6fe6b00da6af49f7ffbe87d446c4117271Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
f7f527b29f8543776ff99d7a6d581ab08d43b05404ef93897f1a7728c884d2f7Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
6e16f3aa88276b6f120411e834953cbd8b1d1e3547deb2d4e80297d7c49b6eb3Debian Linux Security Advisory 4530-1 - It was discovered that Expat, an XML parsing C library, did not properly handled internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed.
9cee2c8942bc273319fe7a37df2b71158ae6eace203f2937cc0905f3d5645df1Slackware Security Advisory - New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
68a44166360d4fbde9c545583a061622e7d55161bfae91a0047ef2512402a8dbUbuntu Security Notice 4132-2 - USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
fbf826848766fbaf6449cfc545a84245112caf7d7af0ab789fe8de9e2663cc08Ubuntu Security Notice 4132-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
5ae3d88ee962e285840c5782f010c4b59205cbcb83198b238a4a581d3a31fa04
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed