Ubuntu Local Security Checks : Ubuntu: Security Advisory for thunderbird (USN-4647-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.844731

Kategorie: Ubuntu Local Security Checks

Titel: Ubuntu: Security Advisory for thunderbird (USN-4647-1)

Zusammenfassung: The remote host is missing an update for the 'thunderbird'; package(s) announced via the USN-4647-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'thunderbird'
package(s) announced via the USN-4647-1 advisory.

Vulnerability Insight:
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information across origins, bypass security restrictions,
conduct phishing attacks, conduct cross-site scripting (XSS) attacks,
bypass Content Security Policy (CSP) restrictions, conduct DNS rebinding
attacks, or execute arbitrary code.

Affected Software/OS:
'thunderbird' package(s) on Ubuntu 20.10.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-15683
Common Vulnerability Exposure (CVE) ID: CVE-2020-15969
Common Vulnerability Exposure (CVE) ID: CVE-2020-16012
Common Vulnerability Exposure (CVE) ID: CVE-2020-26950
Common Vulnerability Exposure (CVE) ID: CVE-2020-26951
Common Vulnerability Exposure (CVE) ID: CVE-2020-26953
Common Vulnerability Exposure (CVE) ID: CVE-2020-26956
Common Vulnerability Exposure (CVE) ID: CVE-2020-26958
Common Vulnerability Exposure (CVE) ID: CVE-2020-26959
Common Vulnerability Exposure (CVE) ID: CVE-2020-26960
Common Vulnerability Exposure (CVE) ID: CVE-2020-26961
Common Vulnerability Exposure (CVE) ID: CVE-2020-26965
Common Vulnerability Exposure (CVE) ID: CVE-2020-26968

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.844731
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu: Security Advisory for thunderbird (USN-4647-1)
Zusammenfassung:	The remote host is missing an update for the 'thunderbird'; package(s) announced via the USN-4647-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'thunderbird' package(s) announced via the USN-4647-1 advisory. Vulnerability Insight: Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting (XSS) attacks, bypass Content Security Policy (CSP) restrictions, conduct DNS rebinding attacks, or execute arbitrary code. Affected Software/OS: 'thunderbird' package(s) on Ubuntu 20.10. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-15683 Common Vulnerability Exposure (CVE) ID: CVE-2020-15969 Common Vulnerability Exposure (CVE) ID: CVE-2020-16012 Common Vulnerability Exposure (CVE) ID: CVE-2020-26950 Common Vulnerability Exposure (CVE) ID: CVE-2020-26951 Common Vulnerability Exposure (CVE) ID: CVE-2020-26953 Common Vulnerability Exposure (CVE) ID: CVE-2020-26956 Common Vulnerability Exposure (CVE) ID: CVE-2020-26958 Common Vulnerability Exposure (CVE) ID: CVE-2020-26959 Common Vulnerability Exposure (CVE) ID: CVE-2020-26960 Common Vulnerability Exposure (CVE) ID: CVE-2020-26961 Common Vulnerability Exposure (CVE) ID: CVE-2020-26965 Common Vulnerability Exposure (CVE) ID: CVE-2020-26968
Copyright	Copyright (C) 2020 Greenbone Networks GmbH