[FEDORA-2007-1180] Fedora 7: thunderbird
Severity
High
Affected Packages
1
CVEs
6
Mozilla Thunderbird is a standalone mail and newsgroup client.
Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML email message containing JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-3089, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738)
Users of Thunderbird are advised to upgrade to these erratum packages, which contain patches that correct these issues.
Package | Affected Version |
---|---|
pkg:rpm/fedora/thunderbird?distro=fedora-7 | < 2.0.0.5.1.fc7 |
- ID
- FEDORA-2007-1180
- Severity
- high
- Severity from
- CVE-2007-3734
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2007-1180
- Published
-
2007-07-20T19:32:33
(17 years ago) - Modified
-
2007-07-20T19:32:33
(17 years ago) - Rights
- Copyright 2007 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
CVE-2007-3737 | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3737 | ||
CVE-2007-3738 | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3738 | ||
CVE-2007-3735 | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3735 | ||
Bugzilla | 248518 | Bug #248518 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248518 |
CVE-2007-3089 | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3089 | ||
CVE-2007-3734 | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3734 | ||
CVE-2007-3736 | http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3736 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/thunderbird?distro=fedora-7 | fedora | thunderbird | < 2.0.0.5.1.fc7 | fedora-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |