Back to search

Ubuntu: (Multiple Advisories) (CVE-2017-7814): Thunderbird vulnerabilities

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	September 29, 2017	October 03, 2017	August 17, 2018

Description

File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

Free InsightVM Trial

References

UBUNTU-USN-3435-1
UBUNTU-USN-3435-2
UBUNTU-USN-3436-1
BID-101059
SECTRACK-1039465
REDHAT-RHSA-2017:2831
REDHAT-RHSA-2017:2885
GENTOO-GLSA-201803-14
DEBIAN-DSA-3987
DEBIAN-DSA-4014
NVD-CVE-2017-7814

Solution

ubuntu-upgrade-firefox

Related Vulnerabilities

Oracle Solaris 11: CVE-2017-7823: Vulnerability in Firefox, Thunderbird
CentOS: (CVE-2017-7814) (Multiple Advisories): thunderbird
Gentoo Linux: CVE-2017-7805: Mozilla Thunderbird: Multiple vulnerabilities
Red Hat: CVE-2017-7805: Important: nss security update (RHSA-2017:2832)
Huawei EulerOS: CVE-2017-7805: nss security update
Amazon Linux AMI: CVE-2017-7805: Security patch for nss (ALAS-2017-911)
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7805)
Alpine Linux: CVE-2017-7814: firefox-esr Multiple vulnerabilities
SUSE: CVE-2017-7814: SUSE Linux Security Advisory
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7825)
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7823)
Sun Patch: NSS_NSPR_JSS 3.35 Solaris: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Mainte
Red Hat: CVE-2017-7823: Critical: firefox security update (Multiple Advisories)
Red Hat: CVE-2017-7814: Critical: firefox security update (Multiple Advisories)
Gentoo Linux: CVE-2017-7814: Mozilla Thunderbird: Multiple vulnerabilities
Gentoo Linux: CVE-2017-7825: Mozilla Thunderbird: Multiple vulnerabilities
Oracle Linux: (CVE-2017-7805) ELSA-2017-2832: nss security update
Oracle Solaris 11: CVE-2017-7805: Vulnerability in Firefox, Netscape Security Services, Thunderbird
Ubuntu: (Multiple Advisories) (CVE-2017-7823): Thunderbird vulnerabilities
FreeBSD: VID-1098A15B-B0F6-42B7-B5C7-8A8646E8BE07 (CVE-2017-7825): mozilla -- multiple vulnerabilities
CentOS: (CVE-2017-7823) (Multiple Advisories): thunderbird
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7805)
SUSE: CVE-2017-7823: SUSE Linux Security Advisory
FreeBSD: VID-1098A15B-B0F6-42B7-B5C7-8A8646E8BE07 (CVE-2017-7814): mozilla -- multiple vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7805)
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7823)
Debian: CVE-2017-7805: firefox-esr, nss, thunderbird -- security update
Alpine Linux: CVE-2017-7823: firefox-esr Multiple vulnerabilities
Huawei EulerOS: CVE-2017-7805: nss security update
Oracle Linux: (CVE-2017-7814) (Multiple Advisories): thunderbird security update
Sun Patch: NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2
Oracle Solaris 11: CVE-2017-7825: Vulnerability in Firefox, Thunderbird
Oracle Solaris 11: CVE-2017-7814: Vulnerability in Firefox, Thunderbird
Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7825)
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7825)
SUSE: CVE-2017-7805: SUSE Linux Security Advisory
FreeBSD: VID-1098A15B-B0F6-42B7-B5C7-8A8646E8BE07 (CVE-2017-7823): mozilla -- multiple vulnerabilities
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7814)
Debian: CVE-2017-7823: firefox-esr, thunderbird -- security update
CentOS: (CVE-2017-7805) CESA-2017:2832: nss
Alpine Linux: CVE-2017-7825: firefox-esr Multiple vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2017-7805): Thunderbird vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
Debian: CVE-2017-7814: firefox-esr, thunderbird -- security update
FreeBSD: (Multiple Advisories) (CVE-2017-7805): mozilla -- multiple vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
SUSE: CVE-2017-7825: SUSE Linux Security Advisory
Alpine Linux: CVE-2017-7805: firefox-esr Multiple vulnerabilities
Gentoo Linux: CVE-2017-7823: Mozilla Thunderbird: Multiple vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35 Solaris_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Ma
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7814)
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7814)
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7823)
Oracle Linux: (CVE-2017-7823) (Multiple Advisories): thunderbird security update

Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2017-7814): Thunderbird vulnerabilities

Description

Scan For This Vulnerability

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch:

Quick Cookie Notification

Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2017-7814): Thunderbird vulnerabilities

Description

Scan For This Vulnerability

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch: