all InfoSec news
USN-6468-1: Thunderbird vulnerabilities
Nov. 2, 2023, 3:30 a.m. |
Ubuntu security notices ubuntu.com
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-5724, CVE-2023-5728,
CVE-2023-5730, CVE-2023-5732)
Kelsey Gilbert discovered that Thunderbird did not properly manage certain
browser prompts and dialogs due to an insufficient activation-delay. An
attacker could potentially exploit this issue to perform clickjacking.
(CVE-2023-5721) …
arbitrary code attacker browsing bypass code context cross-site cve denial of service exploit gilbert information restrictions security security issues sensitive sensitive information service thunderbird tracing usn vulnerabilities website
More from ubuntu.com / Ubuntu security notices
USN-6804-1: GNU C Library vulnerabilities
1 day, 21 hours ago |
ubuntu.com
USN-6803-1: FFmpeg vulnerabilities
2 days, 18 hours ago |
ubuntu.com
USN-6802-1: PostgreSQL vulnerability
2 days, 22 hours ago |
ubuntu.com
USN-6801-1: PyMySQL vulnerability
2 days, 22 hours ago |
ubuntu.com
USN-6798-1: GStreamer Base Plugins vulnerability
3 days, 19 hours ago |
ubuntu.com
USN-6796-1: TPM2 Software Stack vulnerabilities
3 days, 21 hours ago |
ubuntu.com
USN-6797-1: Intel Microcode vulnerabilities
4 days, 3 hours ago |
ubuntu.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)