English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.882889
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for thunderbird CESA-2018:1725 centos7
Zusammenfassung:Check the version of thunderbird
Beschreibung:Summary:
Check the version of thunderbird

Vulnerability Insight:
Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 52.8.0.

Security Fix(es):

* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
(CVE-2018-5150)

* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)

* Mozilla: Use-after-free with SVG animations and clip paths
(CVE-2018-5154)

* Mozilla: Use-after-free with SVG animations and text paths
(CVE-2018-5155)

* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)

* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack
(CVE-2018-5184)

* Mozilla: Hang via malformed headers (CVE-2018-5161)

* Mozilla: Encrypted mail leaks plaintext through src attribute
(CVE-2018-5162)

* Mozilla: Lightweight themes can be installed without user interaction
(CVE-2018-5168)

* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)

* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension (CVE-2018-5178)

* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank the Mozilla project for reporting
CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168,
CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl,
Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector,
Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric,
Wladimir Palant, and Root Object as the original reporters.

Affected Software/OS:
thunderbird on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-5150
BugTraq ID: 104136
http://www.securityfocus.com/bid/104136
Debian Security Information: DSA-4199 (Google Search)
https://www.debian.org/security/2018/dsa-4199
Debian Security Information: DSA-4209 (Google Search)
https://www.debian.org/security/2018/dsa-4209
https://security.gentoo.org/glsa/201810-01
https://security.gentoo.org/glsa/201811-13
https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
RedHat Security Advisories: RHSA-2018:1414
https://access.redhat.com/errata/RHSA-2018:1414
RedHat Security Advisories: RHSA-2018:1415
https://access.redhat.com/errata/RHSA-2018:1415
RedHat Security Advisories: RHSA-2018:1725
https://access.redhat.com/errata/RHSA-2018:1725
RedHat Security Advisories: RHSA-2018:1726
https://access.redhat.com/errata/RHSA-2018:1726
http://www.securitytracker.com/id/1040896
https://usn.ubuntu.com/3645-1/
https://usn.ubuntu.com/3660-1/
https://usn.ubuntu.com/3688-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-5154
Common Vulnerability Exposure (CVE) ID: CVE-2018-5155
Common Vulnerability Exposure (CVE) ID: CVE-2018-5159
https://www.exploit-db.com/exploits/44759/
Common Vulnerability Exposure (CVE) ID: CVE-2018-5161
http://www.securitytracker.com/id/1040946
Common Vulnerability Exposure (CVE) ID: CVE-2018-5162
BugTraq ID: 104240
http://www.securityfocus.com/bid/104240
Common Vulnerability Exposure (CVE) ID: CVE-2018-5168
Common Vulnerability Exposure (CVE) ID: CVE-2018-5170
Common Vulnerability Exposure (CVE) ID: CVE-2018-5178
BugTraq ID: 104138
http://www.securityfocus.com/bid/104138
http://www.securitytracker.com/id/1040898
Common Vulnerability Exposure (CVE) ID: CVE-2018-5183
Common Vulnerability Exposure (CVE) ID: CVE-2018-5184
Common Vulnerability Exposure (CVE) ID: CVE-2018-5185
CopyrightCopyright (C) 2018 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.