CentOS 6 / 7 : thunderbird (CESA-2018:0061)
Medium Nessus Plugin ID 105658
SynopsisThe remote CentOS host is missing a security update.
DescriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 52.5.2.
Security Fix(es) :
* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2017-7829)
Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges cure53 and Sabri Haddouche as the original reporters.
SolutionUpdate the affected thunderbird package.