This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:thunderbird:3.1.18
Detail
VendorMozillaFirst view 2011-08-18
ProductThunderbirdLast view2019-04-26
Version3.1.18TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:thunderbird

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82019-04-26CVE-2019-9813NetworkMediumNone Requ...
6.82019-04-26CVE-2019-9810NetworkMediumNone Requ...
52019-04-26CVE-2019-9801NetworkLowNone Requ...
7.52019-04-26CVE-2019-9796NetworkLowNone Requ...
7.52019-04-26CVE-2019-9795NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52019-04-26CVE-2019-9794NetworkLowNone Requ...
4.32019-04-26CVE-2019-9793NetworkMediumNone Requ...
7.52019-04-26CVE-2019-9792NetworkLowNone Requ...
7.52019-04-26CVE-2019-9791NetworkLowNone Requ...
7.52019-04-26CVE-2019-9790NetworkLowNone Requ...
7.52019-04-26CVE-2019-9788NetworkLowNone Requ...
52019-04-26CVE-2018-18513NetworkLowNone Requ...
7.52019-04-26CVE-2018-18512NetworkLowNone Requ...
52019-04-26CVE-2018-18509NetworkLowNone Requ...
4.32019-02-28CVE-2018-18499NetworkMediumNone Requ...
7.52019-02-28CVE-2018-18498NetworkLowNone Requ...
4.32019-02-28CVE-2018-18494NetworkMediumNone Requ...
7.52019-02-28CVE-2018-18493NetworkLowNone Requ...
7.52019-02-28CVE-2018-18492NetworkLowNone Requ...
7.52019-02-28CVE-2018-12405NetworkLowNone Requ...
7.52019-02-28CVE-2018-12392NetworkLowNone Requ...
9.32019-02-28CVE-2018-12391NetworkMediumNone Requ...
7.52019-02-28CVE-2018-12390NetworkLowNone Requ...
6.82019-02-28CVE-2018-12389NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
28% (125)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (67)CWE-399Resource Management Errors
12% (55)CWE-416Use After Free
9% (41)CWE-264Permissions, Privileges, and Access Controls
7% (34)CWE-20Improper Input Validation
Hide | Show 20 More...
%idName
5% (25)CWE-200Information Exposure
2% (13)CWE-254Security Features
2% (11)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (9)CWE-94Failure to Control Generation of Code ('Code Injection')
1% (8)CWE-125Out-of-bounds Read
1% (7)CWE-787Out-of-bounds Write
1% (7)CWE-190Integer Overflow or Wraparound
1% (5)CWE-189Numeric Errors
1% (5)CWE-17Code
0% (4)CWE-310Cryptographic Issues
0% (3)CWE-352Cross-Site Request Forgery (CSRF)
0% (2)CWE-704Incorrect Type Conversion or Cast
0% (2)CWE-346Origin Validation Error
0% (2)CWE-284Access Control (Authorization) Issues
0% (2)CWE-74Failure to Sanitize Data into a Different Plane ('Injection')
0% (2)CWE-16Configuration
0% (1)CWE-476NULL Pointer Dereference
0% (1)CWE-426Untrusted Search Path
0% (1)CWE-388Error Handling
0% (1)CWE-347Improper Verification of Cryptographic Signature

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:23744The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24....
oval:org.mitre.oval:def:24571TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before ...
oval:org.mitre.oval:def:16692Untrusted search path vulnerability in the installer in Mozilla Firefox befor...
oval:org.mitre.oval:def:21545RHSA-2012:1362: thunderbird security update (Critical)
oval:org.mitre.oval:def:21341RHSA-2012:1361: xulrunner security update (Critical)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:18116USN-1611-1 -- thunderbird vulnerabilities
oval:org.mitre.oval:def:16786Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird be...
oval:org.mitre.oval:def:23952ELSA-2012:1362: thunderbird security update (Critical)
oval:org.mitre.oval:def:23105DEPRECATED: ELSA-2012:1362: thunderbird security update (Critical)
oval:org.mitre.oval:def:23099ELSA-2012:1361: xulrunner security update (Critical)
oval:org.mitre.oval:def:23004DEPRECATED: ELSA-2012:1361: xulrunner security update (Critical)
oval:org.mitre.oval:def:27077DEPRECATED: ELSA-2012-1361 -- xulrunner security update (critical)
oval:org.mitre.oval:def:26871DEPRECATED: ELSA-2012-1362 -- thunderbird security update (critical)
oval:org.mitre.oval:def:18495Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler f...
oval:org.mitre.oval:def:17117The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations...
oval:org.mitre.oval:def:17096Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird befo...
oval:org.mitre.oval:def:21630RHSA-2012:1483: thunderbird security update (Critical)
oval:org.mitre.oval:def:21071RHSA-2012:1482: firefox security update (Critical)
oval:org.mitre.oval:def:20112DSA-2584-1 iceape - several
oval:org.mitre.oval:def:19855DSA-2588-1 icedove - several
oval:org.mitre.oval:def:18575DSA-2583-1 iceweasel - several
oval:org.mitre.oval:def:16573Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox...
oval:org.mitre.oval:def:23820ELSA-2012:1482: firefox security update (Critical)
oval:org.mitre.oval:def:23474DEPRECATED: ELSA-2012:1482: firefox security update (Critical)
oval:org.mitre.oval:def:23314ELSA-2012:1483: thunderbird security update (Critical)

SAINT Exploits

DescriptionLink
Mozilla Firefox onreadystatechange Event Use After FreeMore info here
Mozilla Firefox XMLSerializer serializeToStream Use-after-free VulnerabilityMore info here
Firefox crypto.generateCRMFRequest command executionMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
77955Mozilla Multiple Product for Mac DOM Frame Deletion NULL Dereference Remote C...
76954Mozilla Multiple Product WebGL GPU Memory Random Image Disclosure
76950Mozilla Multiple Product Unchecked Allocation Failure Remote Memory Corruption
76949Mozilla Multiple Product SVG <mpath> Non-SVG Link Remote Memory Corruption
75846Mozilla Multiple Product Use-after-free OGG File Handling Remote Code Execution
Hide | Show 14 More...
idDescription
75844Mozilla Multiple Product YARR Unspecified Memory Corruption
75841Mozilla Multiple Product Enter Key Download Dialog Verification Bypass
75840Mozilla Multiple Product PLUGINSPAGE Enter Key Addon Installation Verificatio...
75839Mozilla Multiple Product Multiple Header Handling HTTP Response Splitting Wea...
75838Mozilla Multiple Product window.location Named Frame Creation Same Origin Pol...
75836Mozilla Multiple Product Multiple Unspecified Memory Corruption (2011-2997)
75834Mozilla Multiple Product Multiple Unspecified Memory Corruption (2011-2995)
74595Mozilla Multiple Products Ogg Reader Unspecified DoS
74594Mozilla Multiple Products JavaScript Unspecified DoS
74592Mozilla Multiple Products WebGL Unspecified DoS
74591Mozilla Multiple Products WebGL Shader Compiler ShaderSource Method Overflow
74590Mozilla Multiple Products WebGL Almost Native Graphics Layer Engine (ANGLE) S...
74589Mozilla Multiple Products D2D API Same Origin Policy Bypass Image Data Disclo...
74588Mozilla Multiple Products Multiple Unspecified Memory Corruption (2011-2985)

ExploitDB Exploits

idDescription
34363Firefox toString console.time Privileged Javascript Injection
30474Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-18Name : Debian Security Advisory DSA 2458-2 (iceape - several vulnerabilities)
File : nvt/deb_2458_2.nasl
2013-09-18Name : Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities)
File : nvt/deb_2553_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities)
File : nvt/deb_2583_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities)
File : nvt/deb_2584_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities)
File : nvt/deb_2588_1.nasl
Hide | Show 20 More...
idDescription
2012-12-13Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,)
File : nvt/gb_suse_2012_0760_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1064_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1345-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1345_1.nasl
2012-12-13Name : SuSE Update for Mozilla Suite openSUSE-SU-2012:1412-1 (Mozilla Suite)
File : nvt/gb_suse_2012_1412_1.nasl
2012-12-06Name : Fedora Update for seamonkey FEDORA-2012-18931
File : nvt/gb_fedora_2012_18931_seamonkey_fc16.nasl
2012-12-06Name : Fedora Update for seamonkey FEDORA-2012-18952
File : nvt/gb_fedora_2012_18952_seamonkey_fc17.nasl
2012-12-04Name : Ubuntu Update for firefox USN-1638-3
File : nvt/gb_ubuntu_USN_1638_3.nasl
2012-11-26Name : Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_seamonkey_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_seamonkey_mult_vuln02_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird ESR Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_esr_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_mult_vuln02_nov12_win.nasl
2012-11-26Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox72.nasl
2012-11-26Name : Mozilla Firefox ESR Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_firefox_esr_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Mac OS X)
File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_macosx.nasl
2012-11-26Name : Mozilla Firefox Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_prdts_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Firefox Multiple Vulnerabilities-02 November12 (Mac OS X)
File : nvt/gb_mozilla_prdts_mult_vuln02_nov12_macosx.nasl
2012-11-26Name : Mozilla Firefox Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_prdts_mult_vuln02_nov12_win.nasl
2012-11-23Name : RedHat Update for firefox RHSA-2012:1482-01
File : nvt/gb_RHSA-2012_1482-01_firefox.nasl
2012-11-23Name : RedHat Update for thunderbird RHSA-2012:1483-01
File : nvt/gb_RHSA-2012_1483-01_thunderbird.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2014-A-0113Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0053309
2014-A-0082Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0052487
2014-A-0064Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0050011
2014-A-0043Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0046769
Hide | Show 3 More...
idDescription
2014-A-0021Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0043921
2013-A-0233Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042596
2013-A-0203Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0041365

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48296 - Type : FILE-OTHER - Revision : 2
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48295 - Type : FILE-OTHER - Revision : 2
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-08Microsoft Edge OP_Memset type confusion attempt
RuleID : 48052 - Type : BROWSER-IE - Revision : 3
Hide | Show 20 More...
DateDescription
2018-11-08Microsoft Edge OP_Memset type confusion attempt
RuleID : 48051 - Type : BROWSER-IE - Revision : 3
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46781 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46767 - Type : BROWSER-FIREFOX - Revision : 4
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46766 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46765 - Type : BROWSER-FIREFOX - Revision : 2
2018-02-20Mozilla Firefox HTTP index format out of bounds read attempt
RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2
2018-01-18Multiple browser pressure function denial of service attempt
RuleID : 45206 - Type : BROWSER-FIREFOX - Revision : 2
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45119 - Type : SERVER-MAIL - Revision : 3
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45118 - Type : SERVER-MAIL - Revision : 3
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45116 - Type : SERVER-MAIL - Revision : 4
2018-01-10Multiple products non-ascii sender address spoofing attempt
RuleID : 45115 - Type : SERVER-MAIL - Revision : 4
2017-08-31Mozilla multiple products SharedWorker MessagePort memory corruption attempt
RuleID : 43779 - Type : BROWSER-FIREFOX - Revision : 1
2017-07-27Mozilla Firefox domFuzzLite3 table use after free attempt
RuleID : 43347 - Type : BROWSER-FIREFOX - Revision : 2
2017-07-27Mozilla Firefox domFuzzLite3 table use after free attempt
RuleID : 43346 - Type : BROWSER-FIREFOX - Revision : 2
2017-03-01Mozilla Firefox generatecrmfrequest policy function call access attempt
RuleID : 41423 - Type : BROWSER-PLUGINS - Revision : 3
2017-03-01Mozilla Firefox generatecrmfrequest policy function call access attempt
RuleID : 41422 - Type : BROWSER-PLUGINS - Revision : 3
2016-12-02Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40896-community - Type : BROWSER-FIREFOX - Revision : 3
2017-01-04Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40896 - Type : BROWSER-FIREFOX - Revision : 3
2016-12-01Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40888-community - Type : BROWSER-FIREFOX - Revision : 3
2017-01-04Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40888 - Type : BROWSER-FIREFOX - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-def329f680.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1414.nasl - Type : ACT_GATHER_INFO
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3831.nasl - Type : ACT_GATHER_INFO
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3833.nasl - Type : ACT_GATHER_INFO
2018-12-18Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_62_0.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-14Name : The remote Debian host is missing a security update.
File : debian_DLA-1605.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4354.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-11Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1384.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2831.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2885.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-13.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3531.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3532.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security update.
File : debian_DLA-1575.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4337.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3403.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-04.nasl - Type : ACT_GATHER_INFO
2018-11-08Name : The remote Debian host is missing a security update.
File : debian_DLA-1571.nasl - Type : ACT_GATHER_INFO
2018-11-07Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1367.nasl - Type : ACT_GATHER_INFO
2018-11-06Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1359.nasl - Type : ACT_GATHER_INFO