CVE-2017-7814 log

Source
Severity Medium
Remote Yes
Type Access restriction bypass
Description
A security issue has been found in Thunderbird < 52.4. File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious.
Group Package Affected Fixed Severity Status Ticket
AVG-441 thunderbird 52.3.0-2 52.4.0-1 Critical Fixed
Date Advisory Group Package Severity Description
12 Oct 2017 ASA-201710-19 AVG-441 thunderbird Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7814
https://bugzilla.mozilla.org/show_bug.cgi?id=1376036