FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
linux-thunderbird < 52.5.2
thunderbird < 52.5.2

Details

VuXML ID 6a09c80e-6ec7-442a-bc65-d72ce69fd887
Discovery 2017-12-22
Entry 2017-12-25

Mozilla Foundation reports:

CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9

CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin

CVE-2017-7847: Local path string can be leaked from RSS feed

CVE-2017-7848: RSS Feed vulnerable to new line Injection

CVE-2017-7829: Mailsploit part 1: From address with encoded null character is cut off in message header display

References

CVE Name CVE-2017-7829
CVE Name CVE-2017-7845
CVE Name CVE-2017-7846
CVE Name CVE-2017-7847
CVE Name CVE-2017-7848
URL https://www.mozilla.org/security/advisories/mfsa2017-30/