漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
Multiple security issues were discovered in Thunderbird.
漏洞危害
If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, cause a denial of service via application crash or hang, or execute arbitrary code. (CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410)
解决方案
Refer to Ubuntu advisory USN-3233-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3233-1: 14.04 (Kylin) on src (thunderbird)
USN-3233-1: 16.10 (Yakkety) on src (thunderbird)
0day
文章评论