Дата обнаружения
|
09/10/2017 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting and execute arbitrary code. Below is a complete list of vulnerabilities:
Technical details Vulnerability (2) only affects Firefox for Android. Other operating systems are not affected. Vulnerability (3) occurs in design mode while resizing images. Vulnerability (7) only affects OS X operating system. Other operating systems are not affected. NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative. NB: At this moment VENDOR has just reserved CVE numbers for these vulnerabilities. Information can be changed soon. |
Пораженные продукты
|
Mozilla Thunderbird versions earlier than 52.4 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Mozilla Foundation Security Advisory 2017-23 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
DoS
[?]
SB
[?]
RLF
[?]
XSS/CSS
[?]
SUI
[?]
|
Связанные продукты
|
Mozilla Thunderbird |
CVE-IDS
|
CVE-2017-77937.5Critical CVE-2017-78187.5Critical CVE-2017-78197.5Critical CVE-2017-78247.5Critical CVE-2017-78055.0Critical CVE-2017-78146.8High CVE-2017-78255.0Critical CVE-2017-78234.3Warning |
Узнай статистику распространения уязвимостей в твоем регионе |