Download
| Alert*
oval:org.secpod.oval:def:601326
icedove is installed oval:org.secpod.oval:def:600930 Multiple vulnerabilities have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. CVE-2012-4201 The evalInSandbox implementation uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers t ... oval:org.secpod.oval:def:600896 Several vulnerabilities were discovered in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. This includes several instances of use-after-free and buffer overflow issues. The reported vulnerabilities could lead to the execution of arbitrary code, and additionally to the bypa ... oval:org.secpod.oval:def:600910 Multiple vulnerabilities have been discovered in Icedove, Debian"s version of the Mozilla Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-3982 Multiple unspecified vulnerabilities in the browser engine allow remote attackers to ca ... oval:org.secpod.oval:def:600794 Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. CVE-2012-0467 Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory corruptio ... oval:org.secpod.oval:def:600523 Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 "Scoobidiver", Ian Beer Bob Clary, Henri Sivonen, ... oval:org.secpod.oval:def:600763 Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. CVE-2012-0455 Soroush Dalili discovered that a cross-site scripting countermeasure related to Javascript URLs could be bypassed. CVE-2012-0456 Atte Kettunen discovered an out of bounds ... oval:org.secpod.oval:def:600729 Several vulnerabilities have been discovered in Icedove, Debian"s variant of the Mozilla Thunderbird code base. CVE-2011-3670 Icedove does not not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a ... oval:org.secpod.oval:def:600805 The latest security update, DSA-2464-1, for Icedove, Debian"s version of the Mozilla Thunderbird mail client, contained a regression: the removal of UTF-7 support resulted in incorrect display of IMAP folder names. oval:org.secpod.oval:def:600609 Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. CVE-2011-0084 "regenrecht" discovered that incorrect pointer handling in the SVG processing code could lead to the execution of arbitrary code. CVE-2011-2378 "regenrecht& ... oval:org.secpod.oval:def:600802 The updates DSA-2457 and DSA-2458 for Iceweasel and Icedove introduced a regression, which could lead to crashes when interpreting some Javascript statements. For the stable distribution , this problem has been fixed in version 3.5.16-15 oval:org.secpod.oval:def:600868 Several vulnerabilities were discovered in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. CVE-2012-1948 Multiple unspecified vulnerabilities in the browser engine were fixed. CVE-2012-1950 The underlying browser engine allows address bar spoofing through drag-and-drop. CV ... oval:org.secpod.oval:def:600209 Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSink was incomplete. CVE-2011-0053 Crashes in the layout engine may lead to the executio ... oval:org.secpod.oval:def:601067 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementaton errors may lead to the execution of arbit ... oval:org.secpod.oval:def:601111 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code. The Icedove version in the oldstable distribution is no longer supported with full s ... oval:org.secpod.oval:def:601094 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code or cross-site scripting. The Icedove version in ... oval:org.secpod.oval:def:601863 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security restrictions or ... oval:org.secpod.oval:def:601268 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of s ... oval:org.secpod.oval:def:601285 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrar ... oval:org.secpod.oval:def:601976 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:601798 Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS , was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. An attacker could craft ASN.1 data to forge RSA certificates with a valid certification chain to a trusted CA. oval:org.secpod.oval:def:601778 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602025 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security restrictions or denial of service. oval:org.secpod.oval:def:601818 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service. This update update ... oval:org.secpod.oval:def:601915 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service. oval:org.secpod.oval:def:602101 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service. oval:org.secpod.oval:def:602856 Multiple security issues have been found in Thunderbird, which may may lead to the execution of arbitrary code or information leaks. With this update, the Icedove packages are de-branded back to the official Mozilla branding. With the removing of the Debian branding the packages are also renamed bac ... oval:org.secpod.oval:def:602734 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple vulnerabilities may lead to the execution of arbitrary code, data leakage or bypass of the content security policy. oval:org.secpod.oval:def:602692 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602642 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:603028 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Thunderbird. Support for the 45.x series has ended, so starting with this update we"re now following the 52.x releases. oval:org.secpod.oval:def:53131 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:603094 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:53104 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Thunderbird. Support for the 45.x series has ended, so starting with this update we"re now following the 52.x releases. oval:org.secpod.oval:def:602636 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602498 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602291 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602431 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602589 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602322 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602389 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602540 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Thunderbird. Support for the 38.x series has ... oval:org.secpod.oval:def:602185 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail client: multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service. This update also addresses a vulnerability in ... oval:org.secpod.oval:def:601741 Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:600840 Several vulnerabilities have been discovered in icedove, the Debian version of the Mozilla Thunderbird mail/news client. There were miscellaneous memory safety hazards and a use-after-free issues . oval:org.secpod.oval:def:600659 Several vulnerabilities have been discovered in Icedove, a mail client based on Thunderbird. CVE-2011-3647 The JSSubScriptLoader does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a craft ... oval:org.secpod.oval:def:600649 CVE-2011-2372 Mariusz Mlynski discovered that websites could open a download dialog - which has "open" as the default action -, while a user presses the ENTER key. CVE-2011-2995 Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes in the rendering engine, which could lead to ... oval:org.secpod.oval:def:606527 Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. |