ALT-BU-2013-1387-1
Branch p6 update bulletin.
Package thunderbird updated to version 17.0.9-alt0.M60P.1 for branch p6 in task 108937.
Closed vulnerabilities
BDU:2014-00303
Уязвимость пакета программ Mozilla SeaMonkey, позволяющая злоумышленнику внедрить произвольный веб-сценарий или HTML-код
Modified: 2024-11-21
CVE-2013-6674
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a related issue to CVE-2014-2018.
- 102566
- 102566
- http://packetstormsecurity.com/files/124965/Mozilla-Thunderbird-Filter-Bypass.html
- http://packetstormsecurity.com/files/124965/Mozilla-Thunderbird-Filter-Bypass.html
- 20140127 Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability
- 20140127 Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability
- VU#863369
- VU#863369
- http://www.mozilla.org/security/announce/2014/mfsa2014-14.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-14.html
- 1029773
- 1029773
- 1029774
- 1029774
- USN-2119-1
- USN-2119-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=868267
- https://bugzilla.mozilla.org/show_bug.cgi?id=868267
Modified: 2024-11-21
CVE-2014-2018
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in a (1) OBJECT or (2) EMBED element, a related issue to CVE-2013-6674.
- VU#863369
- VU#863369
- http://www.mozilla.org/security/announce/2014/mfsa2014-14.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-14.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- 1029773
- 1029773
- 1029774
- 1029774
- http://www.vulnerability-lab.com/get_content.php?id=953
- http://www.vulnerability-lab.com/get_content.php?id=953
- https://bugzilla.mozilla.org/show_bug.cgi?id=875818
- https://bugzilla.mozilla.org/show_bug.cgi?id=875818
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
No data currently available.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-4547
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.
- SUSE-SU-2013:1895
- SUSE-SU-2013:1895
- openSUSE-SU-2013:1745
- openSUSE-SU-2013:1745
- openSUSE-SU-2013:1791
- openSUSE-SU-2013:1791
- openSUSE-SU-2013:1792
- openSUSE-SU-2013:1792
- [nginx-announce] 20131119 nginx security advisory (CVE-2013-4547)
- [nginx-announce] 20131119 nginx security advisory (CVE-2013-4547)
- 55757
- 55757
- 55822
- 55822
- 55825
- 55825
- DSA-2802
- DSA-2802
Closed bugs
[FR] WebM MIME type
CVE-2013-4547 в nginx