1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2007-1180

[FEDORA-2007-1180] Fedora 7: thunderbird

Severity High
Affected Packages 1
CVEs 6
Info Packages References Vulnerabilities

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML email message containing JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-3089, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738)

Users of Thunderbird are advised to upgrade to these erratum packages, which contain patches that correct these issues.

Package Affected Version
pkg:rpm/fedora/thunderbird?distro=fedora-7 < 2.0.0.5.1.fc7
ID
FEDORA-2007-1180
Severity
high
Severity from
CVE-2007-3734
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2007-1180
Published
2007-07-20T19:32:33
(17 years ago)
Modified
2007-07-20T19:32:33
(17 years ago)
Rights
Copyright 2007 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/thunderbird?distro=fedora-7 fedora thunderbird < 2.0.0.5.1.fc7 fedora-7
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date