AVG-530 log
Package | thunderbird |
Status | Fixed |
Severity | Critical |
Type | multiple issues |
Affected | 52.4.0-2 |
Fixed | 52.5.0-1 |
Current |
128.4.4-1 [extra-testing] 128.4.3-1 [extra] |
Ticket | None |
Created | Thu Nov 30 12:24:26 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-7830 | High | Yes | Same-origin policy bypass | The Resource Timing API in Firefox before 57.0 and Thunderbird before 52.5 incorrectly revealed navigations in cross-origin iframes. This is a same-origin... |
CVE-2017-7828 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability can occur in Firefox before 57.0 and Thunderbird before 52.5 when flushing and resizing layout because the PressShell object... |
CVE-2017-7826 | Critical | Yes | Arbitrary code execution | Several reported memory safety bugs have been found in Firefox before 57.0 and Thunderbird before 52.5. Some of these bugs showed evidence of memory... |
Date | Advisory | Package | Type |
---|---|---|---|
30 Nov 2017 | ASA-201711-43 | thunderbird | multiple issues |
References |
---|
https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/ |