CVE-2017-7846
11.06.2018, 21:29
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 9.0 |
| mozilla | thunderbird | 𝑥 < 52.5.2 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| MozillaThunderbird |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-devel |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-common |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-other |
|
Red Hat Enterprise Linux Releases
References