English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.807636
Kategorie:General
Titel:Mozilla Thunderbird Security Update (mfsa_2015-116_2015-133) - Mac OS X
Zusammenfassung:Mozilla Thunderbird is prone to multiple vulnerabilities.
Beschreibung:Summary:
Mozilla Thunderbird is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An improper handling of the CORS cross-origin request algorithm when
non-standard Content-Type headers are received.

- A heap Buffer Overflow in nsJPEGEncoder during image interactions in canvas.

- An insufficient validation of IP address string.

- Multiple unspecified vulnerabilities in the browser engine.

- A buffer overflow vulnerability in the rx::TextureStorage11 class in ANGLE.

- Lack of status checking in 'AddWeightedPathSegLists' and
'SVGPathSegListSMILType::Interpolate' functions.

- Missing status check in CryptoKey interface implementation.

- A memory corruption vulnerability in libjar through zip files.

- Memory corruption issues in NSS and NSPR.

- A heap-based buffer overflow in the ASN.1 decoder in Mozilla (NSS).

- An integer overflow in the PL_ARENA_ALLOCATE implementation in Mozilla (NSS)

Vulnerability Impact:
Successful exploitation of this
vulnerability will allow remote attackers to bypass security restrictions,
to execute arbitrary code and to cause denial of service.

Affected Software/OS:
Mozilla Thunderbird versions before 38.4.

Solution:
Update to version 38.4 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 77416
BugTraq ID: 77415
BugTraq ID: 77411
Common Vulnerability Exposure (CVE) ID: CVE-2015-7181
http://www.securityfocus.com/bid/77416
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
Debian Security Information: DSA-3393 (Google Search)
http://www.debian.org/security/2015/dsa-3393
Debian Security Information: DSA-3410 (Google Search)
http://www.debian.org/security/2015/dsa-3410
Debian Security Information: DSA-3688 (Google Search)
http://www.debian.org/security/2016/dsa-3688
https://security.gentoo.org/glsa/201512-10
https://security.gentoo.org/glsa/201605-06
http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
RedHat Security Advisories: RHSA-2015:1980
http://rhn.redhat.com/errata/RHSA-2015-1980.html
RedHat Security Advisories: RHSA-2015:1981
http://rhn.redhat.com/errata/RHSA-2015-1981.html
http://www.securitytracker.com/id/1034069
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753
SuSE Security Announcement: SUSE-SU-2015:1926 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
SuSE Security Announcement: SUSE-SU-2015:1978 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
SuSE Security Announcement: SUSE-SU-2015:1981 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
SuSE Security Announcement: SUSE-SU-2015:2081 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
SuSE Security Announcement: openSUSE-SU-2015:1942 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:2229 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
SuSE Security Announcement: openSUSE-SU-2015:2245 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
http://www.ubuntu.com/usn/USN-2785-1
http://www.ubuntu.com/usn/USN-2791-1
http://www.ubuntu.com/usn/USN-2819-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7182
Common Vulnerability Exposure (CVE) ID: CVE-2015-7183
http://www.securityfocus.com/bid/77415
Debian Security Information: DSA-3406 (Google Search)
http://www.debian.org/security/2015/dsa-3406
http://www.ubuntu.com/usn/USN-2790-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7197
http://www.securityfocus.com/bid/77411
RedHat Security Advisories: RHSA-2015:1982
http://rhn.redhat.com/errata/RHSA-2015-1982.html
RedHat Security Advisories: RHSA-2015:2519
http://rhn.redhat.com/errata/RHSA-2015-2519.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7198
Common Vulnerability Exposure (CVE) ID: CVE-2015-7199
Common Vulnerability Exposure (CVE) ID: CVE-2015-7200
Common Vulnerability Exposure (CVE) ID: CVE-2015-7194
Common Vulnerability Exposure (CVE) ID: CVE-2015-7193
Common Vulnerability Exposure (CVE) ID: CVE-2015-7189
Common Vulnerability Exposure (CVE) ID: CVE-2015-7188
Common Vulnerability Exposure (CVE) ID: CVE-2015-4513
Common Vulnerability Exposure (CVE) ID: CVE-2015-4514
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.