USN-3416-1: Thunderbird vulnerabilities
USN-3416-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3416-1 14th September, 2017 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Thunderbird. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user weretricked in to opening a specially crafted website in a browsing context,an attacker could potentially exploit these to bypass same-originrestrictions, bypass CSP restrictions, obtain sensitive information, spoofthe origin of modal alerts, cause a denial of service via applicationcrash, or execute arbitrary code. (CVE-2017-7753, CVE-2017-7779,CVE-2017-7784, CVE-2017-7785, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792,CVE-2017-7800, CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7807,CVE-2017-7809) A buffer overflow was discovered when displaying SVG content in somecircumstances. If a user were tricked in to opening a specially craftedmessage, an attacker could potentially exploit [ more… ]