 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.884317 |
| Category: | CentOS Local Security Checks |
| Title: | CentOS: Security Advisory for thunderbird (CESA-2024:0957) |
| Summary: | The remote host is missing an update for the 'thunderbird'; package(s) announced via the CESA-2024:0957 advisory. |
| Description: | Summary: The remote host is missing an update for the 'thunderbird' package(s) announced via the CESA-2024:0957 advisory. Vulnerability Insight: Mozilla Thunderbird is a standalone mail and newsgroup client. This Update upgrades Thunderbird to version 115.8.0. Security Fix(es): * Mozilla: Out-of-bounds memory read in networking channels (CVE-2024-1546) * Mozilla: Alert dialog could have been spoofed on another site (CVE-2024-1547) * Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 (CVE-2024-1553) * Mozilla: Fullscreen Notification could have been hidden by select element (CVE-2024-1548) * Mozilla: Custom cursor could obscure the permission dialog (CVE-2024-1549) * Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants (CVE-2024-1550) * Mozilla: Multipart HTTP Responses would accept the Set-Cookie header in response parts (CVE-2024-1551) * Mozilla: Incorrect code generation on 32-bit ARM devices (CVE-2024-1552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'thunderbird' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-1546 https://bugzilla.mozilla.org/show_bug.cgi?id=1843752 https://www.mozilla.org/security/advisories/mfsa2024-05/ https://www.mozilla.org/security/advisories/mfsa2024-06/ https://www.mozilla.org/security/advisories/mfsa2024-07/ https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2024-1547 https://bugzilla.mozilla.org/show_bug.cgi?id=1877879 Common Vulnerability Exposure (CVE) ID: CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286 Common Vulnerability Exposure (CVE) ID: CVE-2024-1548 https://bugzilla.mozilla.org/show_bug.cgi?id=1832627 Common Vulnerability Exposure (CVE) ID: CVE-2024-1549 https://bugzilla.mozilla.org/show_bug.cgi?id=1833814 Common Vulnerability Exposure (CVE) ID: CVE-2024-1550 https://bugzilla.mozilla.org/show_bug.cgi?id=1860065 Common Vulnerability Exposure (CVE) ID: CVE-2024-1551 https://bugzilla.mozilla.org/show_bug.cgi?id=1864385 Common Vulnerability Exposure (CVE) ID: CVE-2024-1552 https://bugzilla.mozilla.org/show_bug.cgi?id=1874502 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |