Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.883063
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for thunderbird CESA-2019:1310 centos6
Zusammenfassung:The remote host is missing an update for the 'thunderbird'; package(s) announced via the CESA-2019:1310 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'thunderbird'
package(s) announced via the CESA-2019:1310 advisory.

Vulnerability Insight:
Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 60.7.0.

Security Fix(es):

* Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
(CVE-2019-9800)

* Mozilla: Cross-origin theft of images with createImageBitmap
(CVE-2019-9797)

* Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817)

* Mozilla: Compartment mismatch with fetch API (CVE-2019-9819)

* Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820)

* Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691)

* Mozilla: Use-after-free removing listeners in the event listener manager
(CVE-2019-11692)

* Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693)

* mozilla: Cross-origin theft of images with ImageBitmapRenderingContext
(CVE-2018-18511)

* chromium-browser: Out of bounds read in Skia (CVE-2019-5798)

* Mozilla: Theft of user history data through drag and drop of hyperlinks
to and from bookmarks (CVE-2019-11698)

* libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'thunderbird' package(s) on CentOS 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-5798
Bugtraq: 20190527 [SECURITY] [DSA 4451-1] thunderbird security update (Google Search)
https://seclists.org/bugtraq/2019/May/67
Debian Security Information: DSA-4451 (Google Search)
https://www.debian.org/security/2019/dsa-4451
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html
https://crbug.com/883596
https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html
RedHat Security Advisories: RHSA-2019:1308
https://access.redhat.com/errata/RHSA-2019:1308
RedHat Security Advisories: RHSA-2019:1309
https://access.redhat.com/errata/RHSA-2019:1309
RedHat Security Advisories: RHSA-2019:1310
https://access.redhat.com/errata/RHSA-2019:1310
SuSE Security Announcement: openSUSE-SU-2019:1484 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html
SuSE Security Announcement: openSUSE-SU-2019:1534 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html
SuSE Security Announcement: openSUSE-SU-2019:1664 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html
SuSE Security Announcement: openSUSE-SU-2019:1666 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html
https://usn.ubuntu.com/3997-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-7317
BugTraq ID: 108098
http://www.securityfocus.com/bid/108098
Bugtraq: 20190417 [slackware-security] libpng (SSA:2019-107-01) (Google Search)
https://seclists.org/bugtraq/2019/Apr/30
Bugtraq: 20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update (Google Search)
https://seclists.org/bugtraq/2019/Apr/36
Bugtraq: 20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01) (Google Search)
https://seclists.org/bugtraq/2019/May/56
Bugtraq: 20190523 [SECURITY] [DSA 4448-1] firefox-esr security update (Google Search)
https://seclists.org/bugtraq/2019/May/59
https://security.netapp.com/advisory/ntap-20190719-0005/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us
Debian Security Information: DSA-4435 (Google Search)
https://www.debian.org/security/2019/dsa-4435
Debian Security Information: DSA-4448 (Google Search)
https://www.debian.org/security/2019/dsa-4448
https://security.gentoo.org/glsa/201908-02
http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
https://github.com/glennrp/libpng/issues/275
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html
RedHat Security Advisories: RHSA-2019:1265
https://access.redhat.com/errata/RHSA-2019:1265
RedHat Security Advisories: RHSA-2019:1267
https://access.redhat.com/errata/RHSA-2019:1267
RedHat Security Advisories: RHSA-2019:1269
https://access.redhat.com/errata/RHSA-2019:1269
RedHat Security Advisories: RHSA-2019:2494
https://access.redhat.com/errata/RHSA-2019:2494
RedHat Security Advisories: RHSA-2019:2495
https://access.redhat.com/errata/RHSA-2019:2495
RedHat Security Advisories: RHSA-2019:2585
https://access.redhat.com/errata/RHSA-2019:2585
RedHat Security Advisories: RHSA-2019:2590
https://access.redhat.com/errata/RHSA-2019:2590
RedHat Security Advisories: RHSA-2019:2592
https://access.redhat.com/errata/RHSA-2019:2592
RedHat Security Advisories: RHSA-2019:2737
https://access.redhat.com/errata/RHSA-2019:2737
SuSE Security Announcement: openSUSE-SU-2019:1912 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html
SuSE Security Announcement: openSUSE-SU-2019:1916 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html
https://usn.ubuntu.com/3962-1/
https://usn.ubuntu.com/3991-1/
https://usn.ubuntu.com/4080-1/
https://usn.ubuntu.com/4083-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9797
https://bugzilla.mozilla.org/show_bug.cgi?id=1528909
https://www.mozilla.org/security/advisories/mfsa2019-07/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9800
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1540166%2C1534593%2C1546327%2C1540136%2C1538736%2C1538042%2C1535612%2C1499719%2C1499108%2C1538619%2C1535194%2C1516325%2C1542324%2C1542097%2C1532465%2C1533554%2C1541580
https://www.mozilla.org/security/advisories/mfsa2019-13/
https://www.mozilla.org/security/advisories/mfsa2019-14/
https://www.mozilla.org/security/advisories/mfsa2019-15/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9817
https://bugzilla.mozilla.org/show_bug.cgi?id=1540221
Common Vulnerability Exposure (CVE) ID: CVE-2019-9819
https://bugzilla.mozilla.org/show_bug.cgi?id=1532553
Common Vulnerability Exposure (CVE) ID: CVE-2019-9820
https://bugzilla.mozilla.org/show_bug.cgi?id=1536405
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.