Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

thunderbird vulnerabilities

Related Vulnerabilities: CVE-2017-5429   CVE-2017-5430   CVE-2017-5436   CVE-2017-5443   CVE-2017-5444   CVE-2017-5445   CVE-2017-5446   CVE-2017-5447   CVE-2017-5461   CVE-2017-5467   CVE-2017-5432   CVE-2017-5433   CVE-2017-5434   CVE-2017-5435   CVE-2017-5437   CVE-2017-5438   CVE-2017-5439   CVE-2017-5440   CVE-2017-5441   CVE-2017-5442   CVE-2017-5449   CVE-2017-5451   CVE-2017-5454   CVE-2017-5459   CVE-2017-5460   CVE-2017-5464   CVE-2017-5465   CVE-2017-5466   CVE-2017-5469   CVE-2016-10195   CVE-2016-10196   CVE-2016-10197   CVE-2017-5462  

Several security issues were fixed in Thunderbird.

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5436, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5461, CVE-2017-5467)

Source

16 May 2017

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software Description

  • thunderbird - Mozilla Open Source mail and newsgroup client

Details

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5436, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5461, CVE-2017-5467)

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to spoof the addressbar contents, conduct cross-site scripting (XSS) attacks, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5449, CVE-2017-5451, CVE-2017-5454, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5469, CVE-2016-10195, CVE-2016-10196, CVE-2016-10197)

A flaw was discovered in the DRBG number generation in NSS. If an attacker were able to perform a man-in-the-middle attack, this flaw could potentially be exploited to view sensitive information. (CVE-2017-5462)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.04
thunderbird - 1:52.1.1+build1-0ubuntu0.17.04.1
Ubuntu 16.10
thunderbird - 1:52.1.1+build1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS
thunderbird - 1:52.1.1+build1-0ubuntu0.16.04.1
Ubuntu 14.04 LTS
thunderbird - 1:52.1.1+build1-0ubuntu0.14.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started