Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-25152, CVE-2023-28162,
CVE-2023-28176)
Lukas Bernhard discovered that Thunderbird did not properly manage memory
when invalidating JIT code while following an iterator. An attacker could
potentially exploits this issue to cause a denial of service.
(CVE-2023-25751)
Luan Herrera discovered that Thunderbird did not properly manage
cross-origin iframe when dragging a URL. An attacker could potentially
exploit this issue to perform spoofing attacks. (CVE-2023-28164)
More Stories
perl-Data-UUID-1.227-1.fc38
FEDORA-2024-08bb549a36 Packages in this update: perl-Data-UUID-1.227-1.fc38 Update description: This update fixes CVE-2013-4184 (possible symlink attack due to use of predictable...
perl-Data-UUID-1.227-1.fc40
FEDORA-2024-3da8ed5be3 Packages in this update: perl-Data-UUID-1.227-1.fc40 Update description: This update fixes CVE-2013-4184 (possible symlink attack due to use of predictable...
perl-Data-UUID-1.227-1.fc39
FEDORA-2024-a58a7e2388 Packages in this update: perl-Data-UUID-1.227-1.fc39 Update description: This update fixes CVE-2013-4184 (possible symlink attack due to use of predictable...
perl-Data-UUID-1.227-1.el7
FEDORA-EPEL-2024-1c85d457ef Packages in this update: perl-Data-UUID-1.227-1.el7 Update description: This update fixes CVE-2013-4184 (possible symlink attack due to use of predictable...
firefox-124.0-1.fc40
FEDORA-2024-cd3a64f43b Packages in this update: firefox-124.0-1.fc40 Update description: Updated to 124.0 Read More
firefox-124.0-1.fc39
FEDORA-2024-113454b56b Packages in this update: firefox-124.0-1.fc39 Update description: Updated to 124.0 Read More