Detect date
?
|
10/09/2017 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting and execute arbitrary code. Below is a complete list of vulnerabilities:
Technical details Vulnerability (2) only affects Firefox for Android. Other operating systems are not affected. Vulnerability (3) occurs in design mode while resizing images. Vulnerability (7) only affects OS X operating system. Other operating systems are not affected. NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative. NB: At this moment VENDOR has just reserved CVE numbers for these vulnerabilities. Information can be changed soon. |
Affected products
|
Mozilla Thunderbird versions earlier than 52.4 |
Solution
|
Update to the latest version |
Original advisories
|
|
Impacts
?
|
ACE [?] OSI [?] DoS [?] SB [?] RLF [?] XSS/CSS [?] SUI [?] |
Related products
|
Mozilla Thunderbird |
CVE-IDS
?
|
CVE-2017-77939.8Critical
CVE-2017-78189.8Critical CVE-2017-78199.8Critical CVE-2017-78249.8Critical CVE-2017-78057.5Critical CVE-2017-78147.8Critical CVE-2017-78255.3High CVE-2017-78235.4High CVE-2017-78109.8Critical |