Download
| Alert*
oval:org.secpod.oval:def:503824
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fix: * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 * Mozilla: Information disclosure due to manipulated URL object * Mozilla: Use-after-f ... oval:org.secpod.oval:def:503811 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fix: * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 * Mozilla: Information disclosure due to manipulated URL object * Mozilla: Use-after-f ... oval:org.secpod.oval:def:503816 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fix: * Mozilla: Information disclosure due to manipulated URL object * Mozilla: Use-after-free in nsGlobalWindowInner * Mozilla: Use-After-Free when trying to connect to a S ... oval:org.secpod.oval:def:64091 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-26. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:87734 Mozilla Thunderbird 68.10: If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the ... oval:org.secpod.oval:def:2004244 This CVE is missing description oval:org.secpod.oval:def:604908 Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:87730 Mozilla Thunderbird 68.10: If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the ... oval:org.secpod.oval:def:64092 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-26. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. |