Rapid7 Vulnerability & Exploit Database

RHSA-2011:0312: thunderbird security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

RHSA-2011:0312: thunderbird security update

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

03/02/2011

Created

07/25/2018

Added

03/16/2011

Modified

07/04/2017

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.Several flaws were found in the processing of malformed HTML content.Malicious HTML content could cause Thunderbird to crash or, potentially,execute arbitrary code with the privileges of the user running Thunderbird.(CVE-2011-0051, CVE-2011-0053)Note: JavaScript support is disabled by default in Thunderbird. The aboveissues are not exploitable unless JavaScript is enabled.All Thunderbird users should upgrade to this updated package, whichresolves these issues. All running instances of Thunderbird must berestarted for the update to take effect.

Solution(s)

redhat-upgrade-thunderbird

References

https://attackerkb.com/topics/cve-2011-0051
46645
CVE - 2011-0051
CVE - 2011-0053
OVAL14211
OVAL14379
RHSA-2011:0312
RHSA-2011:0313

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

RHSA-2011:0312: thunderbird security update

RHSA-2011:0312: thunderbird security update

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.