Download
| Alert*
oval:org.secpod.oval:def:63000
The host is missing a critical security update according to Mozilla advisory, MFSA2020-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:66549 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:64139 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:64118 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:503742 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:503743 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:503744 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:63002 Mozilla Thunderbird 68.8.0 : By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. oval:org.secpod.oval:def:62972 The host is missing a critical security update according to Mozilla advisory, MFSA2020-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:62977 Mozilla Thunderbird 68.8.0 : By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. oval:org.secpod.oval:def:705489 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1502908 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:604843 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1504182 [68.8.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.8.0-1] - Update to 68.8.0 build2 oval:org.secpod.oval:def:205564 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:205566 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:1502910 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2105821 Oracle Solaris 11 - ( CVE-2020-6814 ) oval:org.secpod.oval:def:1700336 The Mozilla Foundation Security Advisory describes this flaw as:On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability aff ... |