AVG-193 log

Package thunderbird
Status Fixed
Severity Critical
Type multiple issues
Affected 45.7.1-3
Fixed 45.8.0-1
Current 115.12.2-1 [extra]
Ticket None
Created Fri Mar 10 21:16:07 2017
Issue Severity Remote Type Description
CVE-2017-5410 Critical Yes Arbitrary code execution
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for...
CVE-2017-5408 Medium Yes Information disclosure
Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential...
CVE-2017-5407 High Yes Information disclosure
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user....
CVE-2017-5405 Low Yes Content spoofing
Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations.
CVE-2017-5404 Critical Yes Arbitrary code execution
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This...
CVE-2017-5402 Critical Yes Arbitrary code execution
A use-after-free can occur when events are fired for a FontFace object after the object has been already been destroyed while working with fonts.
CVE-2017-5401 Critical Yes Arbitrary code execution
A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error.
CVE-2017-5400 Critical Yes Arbitrary code execution
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.
CVE-2017-5398 Critical Yes Arbitrary code execution
Several memory safety bugs, some of them leading to memory corruption issues have been found in Firefox < 52 and Thunderbird < 45.8.
Date Advisory Package Type
10 Mar 2017 ASA-201703-2 thunderbird multiple issues