- Home
- CVEs with nessus.description==It was discovered that a From address encoded with a null character is
cut off in the message header display. An attacker could potentially
exploit this to spoof the sender address. (CVE-2017-7829)
It was discovered that it is possible to execute JavaScript in RSS
feeds in some circumstances. If a user were tricked in to opening a
specially crafted RSS feed, an attacker could potentially exploit this
in combination with another vulnerability, in order to cause
unspecified problems. (CVE-2017-7846)
It was discovered that the RSS feed can leak local path names. If a
user were tricked in to opening a specially crafted RSS feed, an
attacker could potentially exploit this to obtain sensitive
information. (CVE-2017-7847)
It was discovered that RSS feeds are vulnerable to new line injection.
If a user were tricked in to opening a specially crafted RSS feed, an
attacker could potentially exploit this to cause unspecified problems.
(CVE-2017-7848)
Multiple security issues were discovered in Thunderbird. If a user
were tricked in to opening a specially crafted website in a browsing
context, an attacker could potentially exploit these to cause a denial
of service, execute arbitrary code, or cause other unspecified
effects. (CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097,
CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5013,
CVE-2018-5104, CVE-2018-5117).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top