New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 5.9
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozilla Thunderbird was updated to version 14.0 (bnc#771583)
- MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards
- MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-20 12-1952 Gecko memory corruption
- MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location
- MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden
- MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed
- MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS
- MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated
- MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption
- MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage
- relicensed to MPL-2.0
- update Enigmail to 1.4.3
- no crashreport on %arm, fixing build
SolutionUpdate the affected MozillaThunderbird packages.