- Home
- CVEs with nessus.description==The installed version of Thunderbird is earlier than 24.1 and is,
therefore, potentially affected by the following vulnerabilities :
- The implementation of Network Security Services (NSS)
does not ensure that data structures are initialized,
which could result in a denial of service or disclosure
of sensitive information. (2013-1739)
- Memory issues exist in the browser engine that could
result in a denial of service or arbitrary code
execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592)
- Arbitrary HTML content can be put into 'select'
elements. This can be used to spoof the displayed
address bar, leading to clickjacking and other spoofing
attacks. (CVE-2013-5593)
- Memory issues exist in the JavaScript engine that could
result in a denial of service or arbitrary code
execution. (CVE-2013-5595, CVE-2013-5602)
- A race condition exists during image collection on large
web pages that could result in a denial of service or
arbitrary code execution. (CVE-2013-5596)
- Multiple use-after-free vulnerabilities exist that could
result in a denial of service or arbitrary code
execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600,
CVE-2013-5601, CVE-2013-5603)
- A stack-based buffer overflow in
txXPathNodeUtils::getBaseURI is possible due to
uninitialized data during XSLT processing.
(CVE-2013-5604)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top