- Home
- CVEs with nessus.description==This update to Mozilla Thunderbird 45.7.0 fixes security issues and bugs.
The following security issues from advisory MFSA 2017-03 were fixed (boo#1021991) In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts :
- CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (boo#1021814)
- CVE-2017-5376: Use-after-free in XSL (boo#1021817)
- CVE-2017-5378: Pointer and frame data leakage of JavaScript objects (boo#1021818)
- CVE-2017-5380: Potential use-after-free during DOM manipulations (boo#1021819)
- CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (boo#1021820)
- CVE-2017-5396: Use-after-free with Media Decoder (boo#1021821)
- CVE-2017-5383: Location bar spoofing with unicode characters (boo#1021822)
- CVE-2017-5373: Memory safety bugs fixed in Thunderbird 45.7 (boo#1021824)
The following non-security bugs were fixed :
- Message preview pane non-functional after IMAP folder was renamed or moved
- 'Move To' button on 'Search Messages' panel not working
- Message sent to 'undisclosed recipients' shows no recipient (non-functional since Thunderbird version 38)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top