[RHSA-2017:2885] thunderbird security update
Severity
Important
Affected Packages
4
CVEs
7
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 52.4.0.
Security Fix(es):
- Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7810, CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7814, CVE-2017-7823)
Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom Ritter, Tyson Smith, Sebastian Hengst, Abhishek Arya, Nils, Omair, Andre Weissflog, François Marier, and Jun Kokatsu as the original reporters.
| Package | Affected Version |
|---|---|
 pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-6.9
|
< 52.4.0-2.el6_9 |
|
pkg:rpm/redhat/thunderbird?arch=s390x&distro=redhat-6.9
|
< 52.4.0-2.el6_9 |
|
pkg:rpm/redhat/thunderbird?arch=ppc64&distro=redhat-6.9
|
< 52.4.0-2.el6_9 |
|
pkg:rpm/redhat/thunderbird?arch=i686&distro=redhat-6.9
|
< 52.4.0-2.el6_9 |
- ID
- RHSA-2017:2885
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2017:2885
- Published
-
2017-10-11T00:00:00
(7 years ago) - Modified
-
2017-10-11T00:00:00
(7 years ago) - Rights
- Copyright 2017 Red Hat, Inc.
- Other Advisories
-
-
ASA-201710-19
-
DSA-3987-1
-
DSA-4014-1
-
ELSA-2017-2831
-
ELSA-2017-2885
-
FREEBSD:1098A15B-B0F6-42B7-B5C7-8A8646E8BE07
-
GLSA-201802-03
-
GLSA-201803-14
-
MFSA-2017-21
-
MFSA-2017-22
-
MFSA-2017-23
-
openSUSE-SU-2017:2707-1
-
openSUSE-SU-2017:2710-1
-
RHSA-2017:2831
-
SUSE-SU-2017:2688-1
-
SUSE-SU-2017:2872-1
-
SUSE-SU-2017:2872-2
-
USN-3435-1
-
USN-3436-1
-
USN-3688-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 1496649 |
|
|
| Bugzilla | 1496651 |
|
|
| Bugzilla | 1496652 |
|
|
| Bugzilla | 1496653 |
|
|
| Bugzilla | 1496654 |
|
|
| Bugzilla | 1496655 |
|
|
| Bugzilla | 1496656 |
|
|
| RHSA | RHSA-2017:2885 |
|
|
| CVE | CVE-2017-7793 |
|
|
| CVE | CVE-2017-7810 |
|
|
| CVE | CVE-2017-7814 |
|
|
| CVE | CVE-2017-7818 |
|
|
| CVE | CVE-2017-7819 |
|
|
| CVE | CVE-2017-7823 |
|
|
| CVE | CVE-2017-7824 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.4.0-2.el6_9 | redhat-6.9 | x86_64 | |
| Affected | pkg:rpm/redhat/thunderbird?arch=s390x&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.4.0-2.el6_9 | redhat-6.9 | s390x | |
| Affected | pkg:rpm/redhat/thunderbird?arch=ppc64&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.4.0-2.el6_9 | redhat-6.9 | ppc64 | |
| Affected | pkg:rpm/redhat/thunderbird?arch=i686&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.4.0-2.el6_9 | redhat-6.9 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |