[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 195419 Download | Alert*

The host is installed with Apple Safari before 6.1.5 or 7.x before 7.0.5 and is prone to address bar spoofing vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

Mozilla Thunderbird ESR is installed on Mac OS.

Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code.

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure.

Mozilla Thunderbird 68.10: If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker.

Mozilla Thunderbird 60.5 : A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash.

Mozilla Thunderbird 60.5 : A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again.

Mozilla Thunderbird 91.3 : Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

Mozilla Thunderbird 68.10: If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker.

Mozilla Thunderbird 60.5: A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash.


Pages:      Start    9059    9060    9061    9062    9063    9064    9065    9066    9067    9068    9069    9070    9071    9072    ..   19541

© SecPod Technologies