CLD-152 Details

Other IDs this deficiency may be known by:

CVE ID None
Other ID(s) fixed-in-52.5.0, mfsa2017-26

Basic Information:

Affected Package(s) thunderbird
Deficiency Type SECURITY
Date Created 2017-11-24 12:12:48
Date Last Modified 2017-11-25 12:04:56

Version Specific Information:

Cucumber 1.0 i686fixed in thunderbird-52.5.0-i686-1
Cucumber 1.0 x86_64fixed in thunderbird-52.5.0-x86_64-1

Cucumber 1.1 i686 fixed in thunderbird-52.5.0-i686-1
Cucumber 1.1 x86_64 fixed in thunderbird-52.5.0-x86_64-1

Details:

The vulnerabilities fixed Thunderbird 52.5.0 have been assigned the ID
mfsa2017-26 (https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/).
The following CVEs have been addressed:
	CVE-2017-7828: Use-after-free of PressShell while restyling layout
	CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
	CVE-2017-7830: Cross-origin URL information leak through Resource Timing API