This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mozilla:thunderbird:24.3.0 |
| Detail | |||
|---|---|---|---|
| Vendor | Mozilla | First view | 2012-05-01 |
| Product | Thunderbird | Last view | 2019-09-27 |
| Version | 24.3.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mozilla:thunderbird | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 5 | 2019-09-27 | CVE-2019-11755 | Network | Low | None Requ... | |
| 9.3 | 2019-09-27 | CVE-2019-11752 | Network | Medium | None Requ... | |
| 6.8 | 2019-09-27 | CVE-2019-11746 | Network | Medium | None Requ... | |
| 4.3 | 2019-09-27 | CVE-2019-11744 | Network | Medium | None Requ... | |
| 4.3 | 2019-09-27 | CVE-2019-11743 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2019-09-27 | CVE-2019-11742 | Network | Medium | None Requ... | |
| 7.5 | 2019-09-27 | CVE-2019-11740 | Network | Low | None Requ... | |
| 4.3 | 2019-09-27 | CVE-2019-11739 | Network | Medium | None Requ... | |
| 7.5 | 2019-07-23 | CVE-2019-9820 | Network | Low | None Requ... | |
| 7.5 | 2019-07-23 | CVE-2019-9819 | Network | Low | None Requ... | |
| 5 | 2019-07-23 | CVE-2019-9817 | Network | Low | None Requ... | |
| 4.3 | 2019-07-23 | CVE-2019-9816 | Network | Medium | None Requ... | |
| 6.8 | 2019-07-23 | CVE-2019-9815 | Network | Medium | None Requ... | |
| 5.1 | 2019-07-23 | CVE-2019-9811 | Network | High | None Requ... | |
| 7.5 | 2019-07-23 | CVE-2019-9800 | Network | Low | None Requ... | |
| 4.3 | 2019-07-23 | CVE-2019-11730 | Network | Medium | None Requ... | |
| 5 | 2019-07-23 | CVE-2019-11729 | Network | Low | None Requ... | |
| 5 | 2019-07-23 | CVE-2019-11719 | Network | Low | None Requ... | |
| 5 | 2019-07-23 | CVE-2019-11717 | Network | Low | None Requ... | |
| 4.3 | 2019-07-23 | CVE-2019-11715 | Network | Medium | None Requ... | |
| 7.5 | 2019-07-23 | CVE-2019-11713 | Network | Low | None Requ... | |
| 6.8 | 2019-07-23 | CVE-2019-11712 | Network | Medium | None Requ... | |
| 6.8 | 2019-07-23 | CVE-2019-11711 | Network | Medium | None Requ... | |
| 7.5 | 2019-07-23 | CVE-2019-11709 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| % | id | Name |
|---|---|---|
| 28% (77) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 22% (61) | CWE-416 | Use After Free |
| 13% (36) | CWE-20 | Improper Input Validation |
| 7% (20) | CWE-200 | Information Exposure |
| 3% (9) | CWE-125 | Out-of-bounds Read |
| % | id | Name |
|---|---|---|
| 2% (7) | CWE-787 | Out-of-bounds Write |
| 2% (7) | CWE-190 | Integer Overflow or Wraparound |
| 2% (6) | CWE-264 | Permissions, Privileges, and Access Controls |
| 1% (5) | CWE-704 | Incorrect Type Conversion or Cast |
| 1% (5) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (5) | CWE-17 | Code |
| 1% (4) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 1% (3) | CWE-399 | Resource Management Errors |
| 1% (3) | CWE-346 | Origin Validation Error |
| 1% (3) | CWE-254 | Security Features |
| 0% (2) | CWE-311 | Missing Encryption of Sensitive Data |
| 0% (2) | CWE-269 | Improper Privilege Management |
| 0% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (2) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
| 0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 0% (1) | CWE-682 | Incorrect Calculation |
| 0% (1) | CWE-522 | Insufficiently Protected Credentials |
| 0% (1) | CWE-476 | NULL Pointer Dereference |
| 0% (1) | CWE-426 | Untrusted Search Path |
| 0% (1) | CWE-388 | Error Handling |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:24710 | Cross-site scripting (XSS) using history navigations |
| oval:org.mitre.oval:def:24419 | DEPRECATED: Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X ... |
| oval:org.mitre.oval:def:28459 | RHSA-2014:1924 -- thunderbird security update (Important) |
| oval:org.mitre.oval:def:28442 | DSA-3090-1 -- iceweasel security update |
| oval:org.mitre.oval:def:28351 | USN-2424-1 -- Firefox vulnerabilities |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:28336 | USN-2428-1 -- Thunderbird vulnerabilities |
| oval:org.mitre.oval:def:28317 | DSA-3092-1 -- icedove security update |
| oval:org.mitre.oval:def:28254 | ELSA-2014-1924 -- thunderbird security update (important) |
| oval:org.mitre.oval:def:28112 | ELSA-2014-1919 -- firefox security update (critical) |
| oval:org.mitre.oval:def:27983 | RHSA-2014:1919 -- firefox security update (Critical) |
| oval:org.mitre.oval:def:24267 | Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in ... |
| oval:org.mitre.oval:def:25264 | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attacker... |
| oval:org.mitre.oval:def:24697 | Out of bounds read while decoding JPG images |
| oval:org.mitre.oval:def:24286 | Privilege escalation through Web Notification API |
| oval:org.mitre.oval:def:24352 | Use-after-free in nsHostResolver |
| oval:org.mitre.oval:def:24708 | ELSA-2014:0449: thunderbird security update (Important) |
| oval:org.mitre.oval:def:24349 | ELSA-2014:0448: firefox security update (Critical) |
| oval:org.mitre.oval:def:24175 | DEPRECATED: ELSA-2014:0449: thunderbird security update (Important) |
| oval:org.mitre.oval:def:24042 | DEPRECATED: ELSA-2014:0448: firefox security update (Critical) |
| oval:org.mitre.oval:def:24845 | RHSA-2014:0448: firefox security update (Critical) |
| oval:org.mitre.oval:def:24829 | RHSA-2014:0449: thunderbird security update (Important) |
| oval:org.mitre.oval:def:24581 | USN-2189-1 -- thunderbird vulnerabilities |
| oval:org.mitre.oval:def:27391 | DEPRECATED: ELSA-2014-0448 -- firefox security update (critical) |
| oval:org.mitre.oval:def:27348 | DEPRECATED: ELSA-2014-0449 -- thunderbird security update (important) |
| oval:org.mitre.oval:def:25002 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-05-31 | Name : FreeBSD Ports: chromium File : nvt/freebsd_chromium13.nasl |
| 2012-05-07 | Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Linux) File : nvt/gb_google_chrome_mult_dos_vuln_may12_lin.nasl |
| 2012-05-07 | Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Mac OS X) File : nvt/gb_google_chrome_mult_dos_vuln_may12_macosx.nasl |
| 2012-05-07 | Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Windows) File : nvt/gb_google_chrome_mult_dos_vuln_may12_win.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0061081 |
| 2014-A-0113 | Multiple Vulnerabilities in Mozilla Products Severity : Category I - VMSKEY : V0053309 |
| 2014-A-0082 | Multiple Vulnerabilities in Mozilla Products Severity : Category I - VMSKEY : V0052487 |
| 2014-A-0064 | Multiple Vulnerabilities in Mozilla Products Severity : Category I - VMSKEY : V0050011 |
Snort® IPS/IDS
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Description |
|---|---|
| 2019-10-08 | Mozilla Firefox Custom Elements write-after-free attempt RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2019-10-08 | Mozilla Firefox Custom Elements write-after-free attempt RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2019-08-13 | Mozilla Firefox RemotePrompt sandbox escape attempt RuleID : 50697 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2019-08-13 | Mozilla Firefox RemotePrompt sandbox escape attempt RuleID : 50696 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2019-07-31 | Mozilla Firefox Array.prototype.pop type confusion attempt RuleID : 50519 - Type : BROWSER-FIREFOX - Revision : 2 |
| Date | Description |
|---|---|
| 2019-07-31 | Mozilla Firefox Array.prototype.pop type confusion attempt RuleID : 50518 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2018-12-07 | out-of-bounds write attempt with malicious MAR file detected RuleID : 48296 - Type : FILE-OTHER - Revision : 2 |
| 2018-12-07 | out-of-bounds write attempt with malicious MAR file detected RuleID : 48295 - Type : FILE-OTHER - Revision : 2 |
| 2018-11-10 | libvorbis VORBIS audio data out of bounds write attempt RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2018-11-10 | libvorbis VORBIS audio data out of bounds write attempt RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1 |
| 2018-11-08 | Microsoft Edge OP_Memset type confusion attempt RuleID : 48052 - Type : BROWSER-IE - Revision : 4 |
| 2018-11-08 | Microsoft Edge OP_Memset type confusion attempt RuleID : 48051 - Type : BROWSER-IE - Revision : 4 |
| 2018-06-21 | Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt RuleID : 46781 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2018-06-21 | Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt RuleID : 46767 - Type : BROWSER-FIREFOX - Revision : 4 |
| 2018-06-21 | Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt RuleID : 46766 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2018-06-21 | Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt RuleID : 46765 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2018-02-20 | Mozilla Firefox HTTP index format out of bounds read attempt RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45119 - Type : SERVER-MAIL - Revision : 3 |
| 2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45118 - Type : SERVER-MAIL - Revision : 3 |
| 2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45116 - Type : SERVER-MAIL - Revision : 4 |
| 2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45115 - Type : SERVER-MAIL - Revision : 4 |
| 2017-08-31 | Mozilla multiple products SharedWorker MessagePort memory corruption attempt RuleID : 43779 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2017-07-27 | Mozilla Firefox domFuzzLite3 table use after free attempt RuleID : 43347 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2017-07-27 | Mozilla Firefox domFuzzLite3 table use after free attempt RuleID : 43346 - Type : BROWSER-FIREFOX - Revision : 2 |
| 2016-12-02 | Mozilla Firefox ESR NotifyTimeChange use after free attempt RuleID : 40896-community - Type : BROWSER-FIREFOX - Revision : 3 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-def329f680.nasl - Type : ACT_GATHER_INFO |
| 2018-12-28 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1414.nasl - Type : ACT_GATHER_INFO |
| 2018-12-27 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2018-3831.nasl - Type : ACT_GATHER_INFO |
| 2018-12-27 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2018-3833.nasl - Type : ACT_GATHER_INFO |
| 2018-12-18 | Name : A web browser installed on the remote macOS host is affected by multiple vuln... File : macosx_firefox_62_0.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2018-12-14 | Name : The remote Debian host is missing a security update. File : debian_DLA-1605.nasl - Type : ACT_GATHER_INFO |
| 2018-12-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4354.nasl - Type : ACT_GATHER_INFO |
| 2018-12-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type : ACT_GATHER_INFO |
| 2018-12-12 | Name : A web browser installed on the remote macOS host is affected by multiple vuln... File : macosx_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO |
| 2018-12-12 | Name : A web browser installed on the remote macOS host is affected by multiple vuln... File : macosx_firefox_64_0.nasl - Type : ACT_GATHER_INFO |
| 2018-12-12 | Name : A web browser installed on the remote Windows host is affected by multiple vu... File : mozilla_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO |
| 2018-12-12 | Name : A web browser installed on the remote Windows host is affected by multiple vu... File : mozilla_firefox_64_0.nasl - Type : ACT_GATHER_INFO |
| 2018-12-11 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1384.nasl - Type : ACT_GATHER_INFO |
| 2018-11-27 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-2831.nasl - Type : ACT_GATHER_INFO |
| 2018-11-27 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-2885.nasl - Type : ACT_GATHER_INFO |
| 2018-11-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201811-13.nasl - Type : ACT_GATHER_INFO |
| 2018-11-21 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2018-3531.nasl - Type : ACT_GATHER_INFO |
| 2018-11-21 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2018-3532.nasl - Type : ACT_GATHER_INFO |
| 2018-11-13 | Name : The remote Debian host is missing a security update. File : debian_DLA-1575.nasl - Type : ACT_GATHER_INFO |
| 2018-11-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4337.nasl - Type : ACT_GATHER_INFO |
| 2018-11-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2018-3403.nasl - Type : ACT_GATHER_INFO |
| 2018-11-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201811-04.nasl - Type : ACT_GATHER_INFO |
| 2018-11-08 | Name : The remote Debian host is missing a security update. File : debian_DLA-1571.nasl - Type : ACT_GATHER_INFO |
| 2018-11-07 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1367.nasl - Type : ACT_GATHER_INFO |
| 2018-11-06 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1359.nasl - Type : ACT_GATHER_INFO |
