This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:thunderbird:17.0.7
Detail
VendorMozillaFirst view 2012-05-01
ProductThunderbirdLast view2019-09-27
Version17.0.7TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:thunderbird

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52019-09-27CVE-2019-11755NetworkLowNone Requ...
9.32019-09-27CVE-2019-11752NetworkMediumNone Requ...
6.82019-09-27CVE-2019-11746NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11744NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11743NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-09-27CVE-2019-11742NetworkMediumNone Requ...
7.52019-09-27CVE-2019-11740NetworkLowNone Requ...
4.32019-09-27CVE-2019-11739NetworkMediumNone Requ...
7.52019-07-23CVE-2019-9820NetworkLowNone Requ...
7.52019-07-23CVE-2019-9819NetworkLowNone Requ...
52019-07-23CVE-2019-9817NetworkLowNone Requ...
4.32019-07-23CVE-2019-9816NetworkMediumNone Requ...
6.82019-07-23CVE-2019-9815NetworkMediumNone Requ...
5.12019-07-23CVE-2019-9811NetworkHighNone Requ...
7.52019-07-23CVE-2019-9800NetworkLowNone Requ...
4.32019-07-23CVE-2019-11730NetworkMediumNone Requ...
52019-07-23CVE-2019-11729NetworkLowNone Requ...
52019-07-23CVE-2019-11719NetworkLowNone Requ...
52019-07-23CVE-2019-11717NetworkLowNone Requ...
4.32019-07-23CVE-2019-11715NetworkMediumNone Requ...
7.52019-07-23CVE-2019-11713NetworkLowNone Requ...
6.82019-07-23CVE-2019-11712NetworkMediumNone Requ...
6.82019-07-23CVE-2019-11711NetworkMediumNone Requ...
7.52019-07-23CVE-2019-11709NetworkLowNone Requ...

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
29% (97)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
18% (61)CWE-416Use After Free
12% (39)CWE-20Improper Input Validation
6% (20)CWE-200Information Exposure
5% (18)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 20 More...
%idName
3% (11)CWE-399Resource Management Errors
2% (9)CWE-125Out-of-bounds Read
2% (8)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (7)CWE-787Out-of-bounds Write
2% (7)CWE-190Integer Overflow or Wraparound
1% (5)CWE-704Incorrect Type Conversion or Cast
1% (5)CWE-17Code
1% (4)CWE-352Cross-Site Request Forgery (CSRF)
1% (4)CWE-94Failure to Control Generation of Code ('Code Injection')
0% (3)CWE-346Origin Validation Error
0% (3)CWE-310Cryptographic Issues
0% (3)CWE-254Security Features
0% (2)CWE-311Missing Encryption of Sensitive Data
0% (2)CWE-269Improper Privilege Management
0% (2)CWE-74Failure to Sanitize Data into a Different Plane ('Injection')
0% (1)CWE-732Incorrect Permission Assignment for Critical Resource
0% (1)CWE-682Incorrect Calculation
0% (1)CWE-522Insufficiently Protected Credentials
0% (1)CWE-476NULL Pointer Dereference
0% (1)CWE-426Untrusted Search Path

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:23744The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24....
oval:org.mitre.oval:def:24571TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before ...
oval:org.mitre.oval:def:18495Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler f...
oval:org.mitre.oval:def:18694The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before...
oval:org.mitre.oval:def:24710Cross-site scripting (XSS) using history navigations
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:20907RHSA-2013:1269: thunderbird security update (Important)
oval:org.mitre.oval:def:20767RHSA-2013:1268: firefox security update (Critical)
oval:org.mitre.oval:def:19905DSA-2759-1 iceweasel - several
oval:org.mitre.oval:def:19877DSA-2762-1 icedove - several
oval:org.mitre.oval:def:18789Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird befo...
oval:org.mitre.oval:def:24179ELSA-2013:1268: firefox security update (Critical)
oval:org.mitre.oval:def:23767ELSA-2013:1269: thunderbird security update (Important)
oval:org.mitre.oval:def:23564DEPRECATED: ELSA-2013:1268: firefox security update (Critical)
oval:org.mitre.oval:def:23194DEPRECATED: ELSA-2013:1269: thunderbird security update (Important)
oval:org.mitre.oval:def:27401DEPRECATED: ELSA-2013-1268 -- firefox security update (critical)
oval:org.mitre.oval:def:27396DEPRECATED: ELSA-2013-1269 -- thunderbird security update (important)
oval:org.mitre.oval:def:18531Document URI misrepresentation and masquerading
oval:org.mitre.oval:def:20678Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubTyp...
oval:org.mitre.oval:def:24017The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x b...
oval:org.mitre.oval:def:21015Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove functio...
oval:org.mitre.oval:def:22122Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through ...
oval:org.mitre.oval:def:23580ELSA-2013:1823: thunderbird security update (Important)
oval:org.mitre.oval:def:23547DEPRECATED: ELSA-2013:1823: thunderbird security update (Important)
oval:org.mitre.oval:def:24272USN-2119-1 -- thunderbird vulnerabilities
oval:org.mitre.oval:def:22218USN-2102-1 -- firefox vulnerabilities

SAINT Exploits

DescriptionLink
Firefox crypto.generateCRMFRequest command executionMore info here

ExploitDB Exploits

idDescription
34363Firefox toString console.time Privileged Javascript Injection
30474Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

OpenVAS Exploits

idDescription
2012-05-31Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium13.nasl
2012-05-07Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Linux)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_lin.nasl
2012-05-07Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Mac OS X)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_macosx.nasl
2012-05-07Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Windows)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2014-A-0113Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0053309
2014-A-0082Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0052487
2014-A-0064Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0050011
2014-A-0043Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0046769
Hide | Show 3 More...
idDescription
2014-A-0021Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0043921
2013-A-0233Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042596
2013-A-0203Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0041365

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-10-08Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1
2019-10-08Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1
2019-10-08Mozilla Thunderbird input filter bypass cross site scripting attempt
RuleID : 51405 - Type : SERVER-MAIL - Revision : 1
2019-08-13Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50697 - Type : BROWSER-FIREFOX - Revision : 1
2019-08-13Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50696 - Type : BROWSER-FIREFOX - Revision : 1
Hide | Show 20 More...
DateDescription
2019-07-31Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50519 - Type : BROWSER-FIREFOX - Revision : 2
2019-07-31Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50518 - Type : BROWSER-FIREFOX - Revision : 2
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48296 - Type : FILE-OTHER - Revision : 2
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48295 - Type : FILE-OTHER - Revision : 2
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-08Microsoft Edge OP_Memset type confusion attempt
RuleID : 48052 - Type : BROWSER-IE - Revision : 4
2018-11-08Microsoft Edge OP_Memset type confusion attempt
RuleID : 48051 - Type : BROWSER-IE - Revision : 4
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46781 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46767 - Type : BROWSER-FIREFOX - Revision : 4
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46766 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46765 - Type : BROWSER-FIREFOX - Revision : 2
2018-02-20Mozilla Firefox HTTP index format out of bounds read attempt
RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2
2018-01-18Multiple browser pressure function denial of service attempt
RuleID : 45206 - Type : BROWSER-FIREFOX - Revision : 2
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45119 - Type : SERVER-MAIL - Revision : 3
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45118 - Type : SERVER-MAIL - Revision : 3
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45116 - Type : SERVER-MAIL - Revision : 4
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45115 - Type : SERVER-MAIL - Revision : 4
2017-08-31Mozilla multiple products SharedWorker MessagePort memory corruption attempt
RuleID : 43779 - Type : BROWSER-FIREFOX - Revision : 1
2017-07-27Mozilla Firefox domFuzzLite3 table use after free attempt
RuleID : 43347 - Type : BROWSER-FIREFOX - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-def329f680.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1414.nasl - Type : ACT_GATHER_INFO
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3831.nasl - Type : ACT_GATHER_INFO
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3833.nasl - Type : ACT_GATHER_INFO
2018-12-18Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_62_0.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-14Name : The remote Debian host is missing a security update.
File : debian_DLA-1605.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4354.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-11Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1384.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2831.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2885.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-13.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3531.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3532.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security update.
File : debian_DLA-1575.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4337.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3403.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-04.nasl - Type : ACT_GATHER_INFO
2018-11-08Name : The remote Debian host is missing a security update.
File : debian_DLA-1571.nasl - Type : ACT_GATHER_INFO
2018-11-07Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1367.nasl - Type : ACT_GATHER_INFO
2018-11-06Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1359.nasl - Type : ACT_GATHER_INFO