Debian Thunderbird vulnerabilities

931 known vulnerabilities affecting debian/thunderbird.

Total CVEs: 931
CISA KEV: 10 (actively exploited)
Public exploits: 18
Exploited in wild: 13
Severity breakdown: CRITICAL 166, HIGH 358, MEDIUM 317, LOW 90

Vulnerabilities

CVE-2017-7823 | MEDIUM | CVSS 5.4 | fixed in firefox 56.0-1 (sid) | 2017
CVE-2017-7823 [MEDIUM] firefox - The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. Scope: lo
debian
CVE-2017-7847 | MEDIUM | CVSS 4.3 | fixed in thunderbird 1:52.5.2-1 (bookworm) | 2017
CVE-2017-7847 [MEDIUM] thunderbird - Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2. Scope: local bookworm: resolved (fixed in 1:52.5.2-1) bullseye: resolved (fixed in 1:52.5.2-1) forky: resolved (fixed in 1:52.5.2-1) sid: resolved (fixed in 1:52.5.2-1) trixie: resolved (fixed in 1:52.5.2-1)
debian
CVE-2017-7845 | LOW | CVSS 8.8 | 2017
CVE-2017-7845 [HIGH] firefox - A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vu
debian
CVE-2017-16541 | LOW | CVSS 6.5 | fixed in firefox 62.0-1 (sid) | 2017
CVE-2017-16541 [MEDIUM] firefox - Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. Scope: local sid: resolved (fixed in 62.0-1)
debian
CVE-2016-5824 | MEDIUM | CVSS 5.5 | fixed in thunderbird 1:60.5.0-1 (bookworm) | 2016
CVE-2016-5824 [MEDIUM] thunderbird - libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. Scope: local bookworm: resolved (fixed in 1:60.5.0-1) bullseye: resolved (fixed in 1:60.5.0-1) forky: resolved (fixed in 1:60.5.0-1) sid: resolved (fixed in 1:60.5.0-1) trixie: resolved (fixed in 1:60.5.0-1)
debian
CVE-2006-1790 | CRITICAL | CVSS 10.0 | fixed in firefox 1.5 (sid) | 2006
CVE-2006-1790 [CRITICAL] firefox - A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption. Scope: local sid: resolved (fixed in 1.5)
debian
CVE-2006-0884 | CRITICAL | CVSS 9.3 | PoC | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-0884 [CRITICAL] firefox - The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail. Scope: local sid: resolv
debian
CVE-2006-1726 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-1726 [CRITICAL] firefox - Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
debian
CVE-2006-4340 | HIGH | CVSS 4.3 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4340 [MEDIUM] firefox - Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE
debian
CVE-2006-2779 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.4-1 (sid) | 2006
CVE-2006-2779 [CRITICAL] firefox - Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory
debian
CVE-2006-0292 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.1-1 (sid) | 2006
CVE-2006-0292 [HIGH] firefox - The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.1-1)
debian
CVE-2006-3677 | HIGH | CVSS 7.5 | PoC | fixed in firefox 1.5.dfsg+1.5.0.5-1 (sid) | 2006
CVE-2006-3677 [HIGH] firefox - Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
debian
CVE-2006-0294 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.1-1 (sid) | 2006
CVE-2006-0294 [HIGH] firefox - Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.1-1)
debian
CVE-2006-3805 | HIGH | CVSS 7.5 | fixed in firefox 1.5.dfsg+1.5.0.5-1 (sid) | 2006
CVE-2006-3805 [HIGH] firefox - The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.5-1)
debian
CVE-2006-1733 | HIGH | CVSS 6.8 | fixed in firefox 1.5.dfsg+1.5.0.2-2 (sid) | 2006
CVE-2006-1733 [MEDIUM] firefox - Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL m
debian
CVE-2006-0748 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid) | 2006
CVE-2006-0748 [CRITICAL] firefox - Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
debian
CVE-2006-1734 | HIGH | CVSS 6.8 | fixed in firefox 1.5.dfsg+1.5.0.2-2 (sid) | 2006
CVE-2006-1734 [MEDIUM] firefox - Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.2-2)
debian
CVE-2006-3804 | HIGH | CVSS 5.0 | fixed in thunderbird 1.5.0.5-1 (bookworm) | 2006
CVE-2006-3804 [MEDIUM] thunderbird - Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow. Scope: local bookworm: resolved (fixed in 1.5.0.5-1) bullseye: resolved (fixed in 1.5.0.5-1
debian
CVE-2006-4565 | HIGH | CVSS 9.3 | fixed in firefox 1.5.dfsg+1.5.0.7-1 (sid) | 2006
CVE-2006-4565 [CRITICAL] firefox - Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier." Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.7-1)
debian
CVE-2006-2778 | HIGH | CVSS 5.0 | fixed in firefox 1.5.dfsg+1.5.0.4-1 (sid) | 2006
CVE-2006-2778 [MEDIUM] firefox - The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow. Scope: local sid: resolved (fixed in 1.5.dfsg+1.5.0.4-1)
debian