exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2018-12372

Status Candidate

Overview

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.

Related Files

Gentoo Linux Security Advisory 201811-13
Posted Nov 24, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-13 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 60.3.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-16541, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12371, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379, CVE-2018-12383, CVE-2018-12385, CVE-2018-12389, CVE-2018-12390, CVE-2018-12391, CVE-2018-12392, CVE-2018-12393, CVE-2018-5125
SHA-256 | dfd702cee32bc438649bed899c42ec0c300d02359e8e2217025dfe8241b5cd45
Red Hat Security Advisory 2018-2251-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2251-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
SHA-256 | cfab7a998bd27c1e4a1a0e65a6b7bd19bed1aba4d0504b8ee9a31d57643744bf
Red Hat Security Advisory 2018-2252-01
Posted Jul 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2252-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, csrf
systems | linux, redhat
advisories | CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
SHA-256 | 710bbfbe7f1c6bbad567e4d6df96227243d295254c8df4498a8b7b3a8cd14173
Debian Security Advisory 4244-1
Posted Jul 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4244-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-17689, CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
SHA-256 | 307d6271acb7903ea1cdd898c92f48b7b284c567cd6f920247667d0674c50b55
Ubuntu Security Notice USN-3714-1
Posted Jul 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3714-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that S/MIME and PGP decryption oracles can be built with HTML emails. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12359, CVE-2018-12363, CVE-2018-12364, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374
SHA-256 | 5b9a375b7e68e29c645ccc9c61dfe743f7d5c1f9083b295b36d6d6fa792b993c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close