Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4041?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4041?format=api", "purl": "pkg:deb/debian/icedove@1.5.0.10.dfsg1-3", "type": "deb", "namespace": "debian", "name": "icedove", "version": "1.5.0.10.dfsg1-3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/546?format=api", "vulnerability_id": "VCID-11uz-v7pw-v7hw", "summary": "URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5383" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11uz-v7pw-v7hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3029?format=api", "vulnerability_id": "VCID-1322-2jgj-2kh2", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724", "reference_id": "CVE-2015-2724", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-59", "reference_id": "mfsa2015-59", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-59" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2724" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1322-2jgj-2kh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1989?format=api", "vulnerability_id": "VCID-143m-7g97-97h1", "summary": "Mozilla security researcher moz_bug_r_a4 reported that\nthrough an interaction of frames and browser history it was possible to make the\nbrowser believe attacker-supplied content came from the location of a previous\npage in browser history. This allows for cross-site scripting (XSS) attacks by\nloading scripts from a misrepresented malicious site through relative locations\nand the potential access of stored credentials of a spoofed site.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1709", "reference_id": "CVE-2013-1709", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1709" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-68", "reference_id": "mfsa2013-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-68" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1709" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-143m-7g97-97h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1935?format=api", "vulnerability_id": "VCID-1bx2-4ka7-w3cr", "summary": "The CESG, the Information Security Arm of GCHQ, reported a dangling\npointer dereference within the Netscape Plugin Application Programming Interface (NPAPI)\nthat could lead to the NPAPI subsystem crashing. This issue requires a maliciously crafted\nNPAPI plugin in concert with scripted web content, resulting in a potentially exploitable\ncrash when triggered.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "CVE-2016-1966", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-31", "reference_id": "mfsa2016-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-31" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1966" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bx2-4ka7-w3cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/232?format=api", "vulnerability_id": "VCID-1es7-pnwd-pfdw", "summary": "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9066" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1es7-pnwd-pfdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/650?format=api", "vulnerability_id": "VCID-1j25-aujy-1fb3", "summary": "A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7752" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1j25-aujy-1fb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/653?format=api", "vulnerability_id": "VCID-1qr1-6zdx-fqd1", "summary": "A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7757" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1qr1-6zdx-fqd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/602?format=api", "vulnerability_id": "VCID-21fd-3bm8-nuhg", "summary": "Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7787" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21fd-3bm8-nuhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2727?format=api", "vulnerability_id": "VCID-2abx-thsg-bbdn", "summary": "Security researchers Tyson Smith and Jesse\nSchwartzentruber of the BlackBerry Security Automated Analysis Team\nused the Address Sanitizer tool while fuzzing to discover a use-after-free\nduring host resolution in some circumstances. This leads to a potentially\nexploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1532", "reference_id": "CVE-2014-1532", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1532" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-46", "reference_id": "mfsa2014-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-46" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1532" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2abx-thsg-bbdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/217?format=api", "vulnerability_id": "VCID-2dx6-ehwy-xubu", "summary": "Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9899" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dx6-ehwy-xubu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/646?format=api", "vulnerability_id": "VCID-2ep2-61mb-cbd3", "summary": "A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7749" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ep2-61mb-cbd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2771?format=api", "vulnerability_id": "VCID-2j41-vcxe-w3af", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team reported an out of bounds write in the \nNetscape \nPortable Runtime (NSPR) leading to a potentially exploitable crash or code\nexecution. This issue is fixed in NSPR version 4.10.6.\nThis NSPR flaw was not exposed to web content in any shipped version of Firefox.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545", "reference_id": "CVE-2014-1545", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-55", "reference_id": "mfsa2014-55", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-55" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1545" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2j41-vcxe-w3af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2754?format=api", "vulnerability_id": "VCID-2mse-59w2-fbbv", "summary": "Mozilla developers and community identified identified and fixed several\nmemory safety bugs in the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547", "reference_id": "CVE-2014-1547", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-56", "reference_id": "mfsa2014-56", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-56" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1547" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2mse-59w2-fbbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/647?format=api", "vulnerability_id": "VCID-2nfu-kf32-myag", "summary": "A use-after-free vulnerability during video control operations when a <track> element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7750" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nfu-kf32-myag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2970?format=api", "vulnerability_id": "VCID-2u3s-8pqy-27gd", "summary": "Security researcher Aki Helin used the Address Sanitizer\ntool to find a buffer overflow during video playback on Linux systems. This was\ndue to a problem in older versions of the Gstreamer plugin during the parsing of\nH.264 formatted video. This issue could be used to induce a possibly exploitable\ncrash.\nThis issue does not affect the current 1.0 version of Gstreamer\nand does not affect Windows or OS X systems.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797", "reference_id": "CVE-2015-0797", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-47", "reference_id": "mfsa2015-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" } ], "aliases": [ "CVE-2015-0797" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2u3s-8pqy-27gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2913?format=api", "vulnerability_id": "VCID-35ek-28ks-vqdf", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734", "reference_id": "CVE-2015-2734", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2734" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35ek-28ks-vqdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2089?format=api", "vulnerability_id": "VCID-37vd-fc2a-hkek", "summary": "Mozilla community member Federico Lanusse reported a\nmechanism where a web worker can violate same-origin policy and bypass\ncross-origin checks through XMLHttpRequest. This could allow for cross-site\nscripting (XSS) attacks by web workers.\nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1714", "reference_id": "CVE-2013-1714", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-73", "reference_id": "mfsa2013-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-73" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1714" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37vd-fc2a-hkek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/540?format=api", "vulnerability_id": "VCID-3am9-1vdf-27gt", "summary": "JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5375" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3am9-1vdf-27gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2053?format=api", "vulnerability_id": "VCID-3ed2-gkvm-87b5", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801", "reference_id": "CVE-2013-0801", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-41", "reference_id": "mfsa2013-41", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-41" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-0801" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ed2-gkvm-87b5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1990?format=api", "vulnerability_id": "VCID-3ekz-3akk-63er", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free problems rated critical as security issues in shipped software.\nSome of these issues are potentially exploitable, allowing for remote code\nexecution. We would also like to thank Abhishek for reporting additional\nuse-after-free and buffer overflow flaws in code introduced during Firefox\ndevelopment. These were fixed before general release.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684", "reference_id": "CVE-2013-1684", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-50", "reference_id": "mfsa2013-50", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1684" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ekz-3akk-63er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/604?format=api", "vulnerability_id": "VCID-3qw2-tzj7-u3fa", "summary": "A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7792" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qw2-tzj7-u3fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1905?format=api", "vulnerability_id": "VCID-3uny-z4bs-9bfk", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "CVE-2016-2791", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2791" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3uny-z4bs-9bfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/541?format=api", "vulnerability_id": "VCID-442s-jgvp-gfav", "summary": "Use-after-free while manipulating XSL in XSLT documents", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5376" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-442s-jgvp-gfav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/218?format=api", "vulnerability_id": "VCID-4cyw-yxhd-77af", "summary": "Event handlers on marquee elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9895" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4cyw-yxhd-77af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/228?format=api", "vulnerability_id": "VCID-4eg8-dc82-fqd6", "summary": "Mozilla developers and community members Jan de Mooij, Iris Hsiao, Christian Holler, Carsten Book, Timothy Nikkel, Christoph Diehl, Olli Pettay, Raymond Forbes, Boris Zbarsky, and Marco Castelluccio reported memory safety bugs present in Firefox 50.0.2 and Firefox ESR 45.5.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9893" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4eg8-dc82-fqd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/522?format=api", "vulnerability_id": "VCID-4gky-p4gv-u7cw", "summary": "Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5408" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gky-p4gv-u7cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1903?format=api", "vulnerability_id": "VCID-4hgx-k5jn-ckeu", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "CVE-2016-1977", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1977" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hgx-k5jn-ckeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/519?format=api", "vulnerability_id": "VCID-4ncv-bsfh-kufk", "summary": "Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5410" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ncv-bsfh-kufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1907?format=api", "vulnerability_id": "VCID-4r11-gv5n-rbhb", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "CVE-2016-2793", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2793" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4r11-gv5n-rbhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2736?format=api", "vulnerability_id": "VCID-4r3z-auuz-sbez", "summary": "Using the Address Sanitizer tool, security researcher Atte\nKettunen from OUSPG discovered a buffer overflow when making\ncapitalization style changes during CSS parsing. This can cause a crash that is\npotentially exploitable.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576", "reference_id": "CVE-2014-1576", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-75", "reference_id": "mfsa2014-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-75" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1576" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4r3z-auuz-sbez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3048?format=api", "vulnerability_id": "VCID-4uyn-g7y6-zbh2", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634", "reference_id": "CVE-2014-8634", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-01", "reference_id": "mfsa2015-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-8634" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4uyn-g7y6-zbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/539?format=api", "vulnerability_id": "VCID-53n9-hyzh-yyaz", "summary": "Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, André Bargull, Kan-Ru Chen, and Nathan Froyd reported memory safety bugs present in Firefox 51 and Firefox ESR 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5398" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53n9-hyzh-yyaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/595?format=api", "vulnerability_id": "VCID-5a6g-h3b1-vqfy", "summary": "A use-after-free vulnerability can occur while re-computing layout for a marquee element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7801" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5a6g-h3b1-vqfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/547?format=api", "vulnerability_id": "VCID-5m57-7cch-v3ga", "summary": "Mozilla developers and community members Christian Holler, Gary Kwong, André Bargull, Jan de Mooij, Tom Schuster, and Oriol reported memory safety bugs present in Thunderbird 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5373" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5m57-7cch-v3ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2915?format=api", "vulnerability_id": "VCID-644p-f2nh-e7ah", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736", "reference_id": "CVE-2015-2736", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2736" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-644p-f2nh-e7ah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2123?format=api", "vulnerability_id": "VCID-6hmr-r9nx-p7eh", "summary": "Security researcher Nils used the Address Sanitizer tool\nwhile fuzzing to discover missing strong references in browsing engine leading\nto use-after-frees. This can lead to a potentially exploitable crash. \nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5600", "reference_id": "CVE-2013-5600", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5600" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-100", "reference_id": "mfsa2013-100", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5600" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hmr-r9nx-p7eh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2747?format=api", "vulnerability_id": "VCID-6nyu-8qhc-q7cj", "summary": "Security researcher SkyLined reported a use-after-free created by triggering the creation of a second root element while parsing HTML written to a document created with document.open(). This leads to a potentially exploitable crash.In general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592", "reference_id": "CVE-2014-1592", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-87", "reference_id": "mfsa2014-87", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-87" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1592" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6nyu-8qhc-q7cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1986?format=api", "vulnerability_id": "VCID-6pfh-m9fg-63gn", "summary": "Compiler Engineer Dan Gohman of Google discovered a flaw in\nthe JavaScript engine where memory was being incorrectly allocated for some\nfunctions and the calls for allocations were not always properly checked for\noverflow, leading to potential buffer overflows. When combined with other\nvulnerabilities, these flaws could be potentially exploitable.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5595", "reference_id": "CVE-2013-5595", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5595" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-96", "reference_id": "mfsa2013-96", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5595" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6pfh-m9fg-63gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4541?format=api", "vulnerability_id": "VCID-6pr4-1zfj-9ydj", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7772" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6pr4-1zfj-9ydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2988?format=api", "vulnerability_id": "VCID-6q33-akyf-v7cw", "summary": "Mozilla developer Ehsan Akhgari reported a mechanism through which a\nweb worker could be used\nto bypass secure requirements for WebSockets when workers are used to create WebSockets.\nThis allows for the bypassing of mixed content WebSocket policy.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197", "reference_id": "CVE-2015-7197", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-132", "reference_id": "mfsa2015-132", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-132" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7197" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6q33-akyf-v7cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/659?format=api", "vulnerability_id": "VCID-6s7e-79u3-h7ed", "summary": "Mozilla developers and community members Tyson Smith, Mats Palmgren, Philipp, Masayuki Nakano, Christian Holler, Andrew McCreight, Gary Kwong, André Bargull, Carsten Book, Jesse Schwartzentruber, Julian Hector, Marcia Knous, Ronald Crane, and Nils Ohlmeier reported memory safety bugs present in Firefox 53, Firefox ESR 52.1, and Thunderbird 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-5470" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6s7e-79u3-h7ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3069?format=api", "vulnerability_id": "VCID-6x4j-c36j-aybs", "summary": "Security researcher Xiaofeng Zheng of the Blue Lotus Team at\nTsinghua University reported reported that a Web Proxy returning a 407 Proxy\nAuthentication response with a Set-Cookie header could inject\ncookies into the originally requested domain. This could be used for\nsession-fixation attacks. This attack only allows cookies to be written but does\nnot allow them to be read. \nIn general this flaw cannot be exploited through email in the\nThunderbird product, but is potentially a risk in browser or browser-like\ncontexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639", "reference_id": "CVE-2014-8639", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-04", "reference_id": "mfsa2015-04", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-8639" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6x4j-c36j-aybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2928?format=api", "vulnerability_id": "VCID-6x8h-7v19-x7d2", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover an integer overflow when\nwhen allocating textures of extremely larges sizes during graphics operations. This\nresults in a potentially exploitable crash when triggered.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7212", "reference_id": "CVE-2015-7212", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7212" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-139", "reference_id": "mfsa2015-139", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-139" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7212" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6x8h-7v19-x7d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/229?format=api", "vulnerability_id": "VCID-6xqg-t9fu-2kfk", "summary": "A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5296" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6xqg-t9fu-2kfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2020?format=api", "vulnerability_id": "VCID-74dm-xjmc-2fhq", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and invalid write problems rated as moderate\nto critical as security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting additional use-after-free flaws in\ndir=auto code introduced during Firefox development. These were\nfixed before general release.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680", "reference_id": "CVE-2013-1680", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48", "reference_id": "mfsa2013-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1680" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74dm-xjmc-2fhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/596?format=api", "vulnerability_id": "VCID-74ur-xkr1-a7er", "summary": "A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7809" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74ur-xkr1-a7er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2117?format=api", "vulnerability_id": "VCID-7fny-zs49-dkha", "summary": "Security researcher Cody Crews reported that some Javascript\ncomponents will perform checks against the wrong uniform resource identifier\n(URI) before performing security sensitive actions. This will return an\nincorrect location for the originator of the call. This could be used to bypass\nsame-origin policy, allowing for cross-site scripting (XSS) or the installation\nof malicious add-ons from third-party pages.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1713", "reference_id": "CVE-2013-1713", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1713" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-72", "reference_id": "mfsa2013-72", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1713" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7fny-zs49-dkha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2931?format=api", "vulnerability_id": "VCID-7gkv-pu79-43hx", "summary": "Security researcher Matthew Green reported a Diffie–Hellman\n(DHE) key processing issue in Network Security Services (NSS) where a\nman-in-the-middle (MITM) attacker can force a server to downgrade TLS\nconnections to 512-bit export-grade cryptography by modifying client\nrequests to include only export-grade cipher suites. The resulting\nweak key can then be leveraged to impersonate the server. This attack\nis detailed in the \"Imperfect Forward\nSecrecy: How Diffie-Hellman Fails in Practice\" paper and is known as the\n\"Logjam Attack.\"This issue was fixed in NSS version 3.19.1 by limiting the lower strength of\nsupported DHE keys to use 1023 bit primes.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "CVE-2015-4000", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70", "reference_id": "mfsa2015-70", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-70" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-4000" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gkv-pu79-43hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1965?format=api", "vulnerability_id": "VCID-7hry-whqg-97gm", "summary": "Mozilla developers fixed several memory safety bugs in the browser engine used in\nFirefox and other Mozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with enough effort at least\nsome of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807", "reference_id": "CVE-2016-2807", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2807" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hry-whqg-97gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2777?format=api", "vulnerability_id": "VCID-7x61-g9sn-zqev", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team discovered a number of use-after-free and out of bounds read \nissues using the Address Sanitizer tool. These issues are potentially exploitable, \nallowing for remote code execution. \nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonky products because scripting is disabled, but is \npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538", "reference_id": "CVE-2014-1538", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-49", "reference_id": "mfsa2014-49", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-49" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1538" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7x61-g9sn-zqev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2689?format=api", "vulnerability_id": "VCID-7yjs-kgmy-n3bm", "summary": "Mozilla community member John reported a crash in the Skia\nlibrary when scaling high quality images if the scaling operation takes too\nlong. This is caused by the image data being discarded while still in use by the\nscaling operation. This crash is potentially exploitable on some systems. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557", "reference_id": "CVE-2014-1557", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-64", "reference_id": "mfsa2014-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-64" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1557" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7yjs-kgmy-n3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2961?format=api", "vulnerability_id": "VCID-81zk-xrsj-cufe", "summary": "Security researcher Karthikeyan Bhargavan reported an issue\nin Network Security Services (NSS) where MD5 signatures in the server signature within the\nTLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has\nofficially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This\nissues exposes NSS based clients such as Firefox to theoretical collision-based forgery\nattacks. This issue was fixed in NSS version 3.20.2.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "CVE-2015-7575", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150", "reference_id": "mfsa2015-150", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-150" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7575" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81zk-xrsj-cufe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2107?format=api", "vulnerability_id": "VCID-848r-yzgr-gqhs", "summary": "Security researcher Johnathan Kuskos reported that Firefox\nis sending data in the body of XMLHttpRequest (XHR) HEAD requests, which goes\nagainst the XHR specification. This can potentially be used for Cross-Site\nRequest Forgery (CSRF) attacks against sites which do not distinguish\nbetween HEAD and POST requests.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692", "reference_id": "CVE-2013-1692", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-54", "reference_id": "mfsa2013-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-54" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1692" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-848r-yzgr-gqhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1912?format=api", "vulnerability_id": "VCID-86p5-m5xh-wba9", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "CVE-2016-2798", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2798" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86p5-m5xh-wba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/597?format=api", "vulnerability_id": "VCID-883g-dbap-u7aw", "summary": "A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7784" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-883g-dbap-u7aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2919?format=api", "vulnerability_id": "VCID-89x5-7hfe-jbc7", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740", "reference_id": "CVE-2015-2740", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2740" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-89x5-7hfe-jbc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2751?format=api", "vulnerability_id": "VCID-8gjw-35z7-wyeg", "summary": "Security researcher regenrecht reported, via TippingPoint's\nZero Day Initiative, a use-after-free during text layout when interacting with\ntext direction. This results in a crash which can lead to arbitrary code\nexecution. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581", "reference_id": "CVE-2014-1581", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-79", "reference_id": "mfsa2014-79", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1581" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gjw-35z7-wyeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4537?format=api", "vulnerability_id": "VCID-8hfq-xxg6-tue8", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7776" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfq-xxg6-tue8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2794?format=api", "vulnerability_id": "VCID-8wjb-buvs-tke7", "summary": "Security researcher Atte Kettunen from OUSPG reported an out of bounds read during the decoding of WAV format audio files for playback. This could allow web content access to heap data as well as causing a crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because audio is disabled, but is potentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497", "reference_id": "CVE-2014-1497", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1497" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-17", "reference_id": "mfsa2014-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1497" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8wjb-buvs-tke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2006?format=api", "vulnerability_id": "VCID-93bk-58d7-qfdf", "summary": "Mozilla developer Boris Zbarsky found that when\nPreserveWrapper was used in cases where a wrapper is not set, the\npreserved-wrapper flag on the wrapper cache is cleared. This could\npotentially lead to an exploitable crash.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1694", "reference_id": "CVE-2013-1694", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1694" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-56", "reference_id": "mfsa2013-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-56" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1694" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-93bk-58d7-qfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2750?format=api", "vulnerability_id": "VCID-94k4-5f3a-dfdg", "summary": "Security researcher John Thomson discovered a memory\ncorruption in the Cairo graphics library during font rendering of a PDF file for\ndisplay. This memory corruption leads to a potentially exploitable crash and to\na denial of service (DOS). This issues is not able to be triggered in a default\nconfiguration and would require a malicious extension to be installed.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509", "reference_id": "CVE-2014-1509", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1509" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-27", "reference_id": "mfsa2014-27", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1509" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94k4-5f3a-dfdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2124?format=api", "vulnerability_id": "VCID-98g6-bvjy-mfb9", "summary": "Security researcher Nils used the Address Sanitizer tool\nwhile fuzzing to discover missing strong references in browsing engine leading\nto use-after-frees. This can lead to a potentially exploitable crash. \nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5601", "reference_id": "CVE-2013-5601", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5601" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-100", "reference_id": "mfsa2013-100", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5601" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-98g6-bvjy-mfb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2021?format=api", "vulnerability_id": "VCID-9fs4-1nem-47f3", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and invalid write problems rated as moderate\nto critical as security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting additional use-after-free flaws in\ndir=auto code introduced during Firefox development. These were\nfixed before general release.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681", "reference_id": "CVE-2013-1681", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48", "reference_id": "mfsa2013-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1681" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9fs4-1nem-47f3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1916?format=api", "vulnerability_id": "VCID-9hcm-h8uk-xygz", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "CVE-2016-2802", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2802" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hcm-h8uk-xygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2713?format=api", "vulnerability_id": "VCID-9kea-3747-qyek", "summary": "Developer Patrick Cozzi reported a crash in some\ncircumstances when using the Cesium JavaScript library to generate WebGL\ncontent. Mozilla developers determined that this crash is potentially\nexploitable.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556", "reference_id": "CVE-2014-1556", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-62", "reference_id": "mfsa2014-62", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-62" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1556" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9kea-3747-qyek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2017?format=api", "vulnerability_id": "VCID-9ndx-v92z-jqby", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and invalid write problems rated as moderate\nto critical as security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting additional use-after-free flaws in\ndir=auto code introduced during Firefox development. These were\nfixed before general release.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1677", "reference_id": "CVE-2013-1677", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1677" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48", "reference_id": "mfsa2013-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1677" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ndx-v92z-jqby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/233?format=api", "vulnerability_id": "VCID-9tuh-j2va-53hy", "summary": "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5291" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tuh-j2va-53hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1959?format=api", "vulnerability_id": "VCID-9wc3-cjef-3ucq", "summary": "Security researcher Francis Gabriel of Quarkslab reported a heap-based\nbuffer overflow in the way the Network Security Services (NSS) libraries parsed certain\nASN.1 structures. An attacker could create a specially-crafted certificate which, when\nparsed by NSS, would cause it to crash or execute arbitrary code with the permissions of\nthe user.\nThis issue has been addressed in the NSS releases shipping on affected Mozilla\nproducts:", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "CVE-2016-1950", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-35", "reference_id": "mfsa2016-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1950" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9wc3-cjef-3ucq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2712?format=api", "vulnerability_id": "VCID-a23f-4jqj-nfag", "summary": "Security researcher Joe Vennix from Rapid7 reported that passing a JavaScript object to XMLHttpRequest that mimics an input stream will a crash. This crash is not exploitable and can only be used for denial of service attacks.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590", "reference_id": "CVE-2014-1590", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-85", "reference_id": "mfsa2014-85", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1590" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a23f-4jqj-nfag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1904?format=api", "vulnerability_id": "VCID-a5ee-c6f4-tufu", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "CVE-2016-2790", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2790" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5ee-c6f4-tufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3017?format=api", "vulnerability_id": "VCID-a5mh-mmhh-pfg6", "summary": "Security researcher Ronald Crane reported three vulnerabilities\naffecting released code that were found through code inspection. These included a\nbuffer overflow in the ANGLE graphics library and two issues of missing status checks in\nSVG rendering and during cryptographic key manipulation. These do not all have clear\nmechanisms to be exploited through web content but are vulnerable if a mechanism can be\nfound to trigger them.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199", "reference_id": "CVE-2015-7199", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-131", "reference_id": "mfsa2015-131", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-131" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7199" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5mh-mmhh-pfg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4542?format=api", "vulnerability_id": "VCID-abde-jm4w-5yde", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7771" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abde-jm4w-5yde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3023?format=api", "vulnerability_id": "VCID-ac68-q866-pugy", "summary": "Security researcher Gustavo Grieco reported a buffer underflow in\nlibjar triggered through a maliciously crafted ZIP format file. This results\nin a potentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194", "reference_id": "CVE-2015-7194", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-128", "reference_id": "mfsa2015-128", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-128" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7194" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ac68-q866-pugy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3016?format=api", "vulnerability_id": "VCID-agrg-fr7r-zyec", "summary": "Security researcher Ronald Crane reported three vulnerabilities\naffecting released code that were found through code inspection. These included a\nbuffer overflow in the ANGLE graphics library and two issues of missing status checks in\nSVG rendering and during cryptographic key manipulation. These do not all have clear\nmechanisms to be exploited through web content but are vulnerable if a mechanism can be\nfound to trigger them.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198", "reference_id": "CVE-2015-7198", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-131", "reference_id": "mfsa2015-131", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-131" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7198" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agrg-fr7r-zyec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2016?format=api", "vulnerability_id": "VCID-ahfy-yfgy-2ugs", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and invalid write problems rated as moderate\nto critical as security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting additional use-after-free flaws in\ndir=auto code introduced during Firefox development. These were\nfixed before general release.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1676", "reference_id": "CVE-2013-1676", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1676" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48", "reference_id": "mfsa2013-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1676" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahfy-yfgy-2ugs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2735?format=api", "vulnerability_id": "VCID-ak47-7gf3-akgp", "summary": "Mozilla developers Eric Shepherd and Jan-Ivar\nBruaroey reported issues with privacy and video sharing using WebRTC.\nOnce video sharing has started within a WebRTC session running within an\n<iframe>, video will continue to be shared even if the user\nselects the "e;Stop Sharing\" button in the controls. The camera will\nalso remain on even if the user navigates to another site and will begin\nstreaming again if the user returns to the original site. This is a privacy\nproblem and can lead to inadvertent video streaming. This does not affect\nimplementations that are not within an <iframe>.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586", "reference_id": "CVE-2014-1586", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-81", "reference_id": "mfsa2014-81", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-81" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1586" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ak47-7gf3-akgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2092?format=api", "vulnerability_id": "VCID-apjg-245v-yfdx", "summary": "Security researcher Sachin Shinde reported that moving\ncertain XBL-backed nodes from a document into the replacement document\ncreated by document.open() can cause a JavaScript\ncompartment mismatch which can often lead to exploitable conditions.\nStarting with Firefox 20 this condition was turned into a run-time\nassertion that would crash the browser in an unexploitable way, and in\nFirefox 24 the underlying cause was fixed.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730", "reference_id": "CVE-2013-1730", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-88", "reference_id": "mfsa2013-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-88" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1730" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apjg-245v-yfdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2916?format=api", "vulnerability_id": "VCID-are2-nwm2-ekfb", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737", "reference_id": "CVE-2015-2737", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2737" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-are2-nwm2-ekfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/601?format=api", "vulnerability_id": "VCID-azwt-6846-1kgm", "summary": "An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7753" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azwt-6846-1kgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1917?format=api", "vulnerability_id": "VCID-b1zu-35mw-jkdg", "summary": "Security researchers Jose Martinez and Romina\nSantillan reported a memory leak in the libstagefright library when array\ndestruction occurs during MPEG4 video file processing.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "CVE-2016-1957", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-20", "reference_id": "mfsa2016-20", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1957" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1zu-35mw-jkdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2969?format=api", "vulnerability_id": "VCID-b9t4-78nq-jyeh", "summary": "Security researcher Paul Bandha used the used the Address\nSanitizer tool to discover a use-after-free vulnerability when running specific\nweb content with IndexedDB to create an index. This leads to a\npotentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0831", "reference_id": "CVE-2015-0831", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0831" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-16", "reference_id": "mfsa2015-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2015-0831" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9t4-78nq-jyeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2688?format=api", "vulnerability_id": "VCID-bm2a-1rmq-zqc3", "summary": "Security researcher regenrecht reported, via TippingPoint's\nZero Day Initiative, a use-after-free during text layout when interacting with\nthe setting of text direction. This results in a use-after-free which can lead\nto arbitrary code execution. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567", "reference_id": "CVE-2014-1567", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-72", "reference_id": "mfsa2014-72", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1567" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bm2a-1rmq-zqc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/545?format=api", "vulnerability_id": "VCID-bn6e-q2fz-7fba", "summary": "A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5396" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn6e-q2fz-7fba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/645?format=api", "vulnerability_id": "VCID-bxpd-zacn-8bfv", "summary": "A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-5472" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxpd-zacn-8bfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2729?format=api", "vulnerability_id": "VCID-bzv3-5jce-2fam", "summary": "Security researcher Nils discovered a use-after-free error\nin which the imgLoader object is freed while an image is being\nresized. This results in a potentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1531", "reference_id": "CVE-2014-1531", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1531" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-44", "reference_id": "mfsa2014-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-44" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1531" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzv3-5jce-2fam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2719?format=api", "vulnerability_id": "VCID-c4mc-49k8-7kfz", "summary": "Mozilla security researcher moz_bug_r_a4 reported a method\nto use browser navigations through history to load a website with that page's\nbaseURI property pointing to that of another site instead of the seemingly\nloaded one. The user will continue to see the incorrect site in the addressbar\nof the browser. This allows for a cross-site scripting (XSS) attack or the theft\nof data through a phishing attack. \nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1530", "reference_id": "CVE-2014-1530", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1530" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-43", "reference_id": "mfsa2014-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-43" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1530" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4mc-49k8-7kfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2788?format=api", "vulnerability_id": "VCID-c8wr-e73p-qyaf", "summary": "Mozilla developers and community identified identified and fixed several\nmemory safety bugs in the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1518", "reference_id": "CVE-2014-1518", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1518" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-34", "reference_id": "mfsa2014-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1518" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c8wr-e73p-qyaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2725?format=api", "vulnerability_id": "VCID-ca9j-qrnm-eqc3", "summary": "Antoine Delignat-Lavaud, security researcher at Inria Paris\nin team Prosecco, reported an issue in Network Security Services (NSS) libraries\naffecting all versions. He discovered that NSS is vulnerable to a variant of a\nsignature forgery attack previously published by Daniel Bleichenbacher. This is\ndue to lenient parsing of ASN.1 values involved in a signature and could lead to\nthe forging of RSA certificates.The Advanced Threat Research team at Intel Security also independently\ndiscovered and reported this issue.These have been addressed in the NSS releases shipping on affected Mozilla\nproducts:", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568", "reference_id": "CVE-2014-1568", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-73", "reference_id": "mfsa2014-73", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-73" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1568" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ca9j-qrnm-eqc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2910?format=api", "vulnerability_id": "VCID-cjnx-d8j7-zqg3", "summary": "Mozilla engineers Tyson Smith and David Keeler\nreported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security\nServices (NSS). These issues were in octet string parsing and were found through fuzzing\nand code inspection. If these issues were triggered, they would lead to a potentially\nexploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in\nFirefox and Firefox ESR, respectively, as well as NSS 3.20.1.Google security engineer Ryan Sleevi reported an integer overflow in\nthe Netscape Portable Runtime (NSPR) due to a lack of checks during memory allocation.\nThis leads to a potentially exploitable crash. This issue is fixed in NSPR 4.10.10. The NSPR library is a required component of NSS.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182", "reference_id": "CVE-2015-7182", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133", "reference_id": "mfsa2015-133", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7182" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjnx-d8j7-zqg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1973?format=api", "vulnerability_id": "VCID-cr9v-b95v-eyha", "summary": "Security researcher Ronald Crane reported an out-of-bounds read\nfollowing a failed allocation in the HTML parser while working with unicode strings. This\ncan also affect the parsing of XML and SVG format data. This leads to a potentially\nexploitable crash. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "CVE-2016-1974", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-34", "reference_id": "mfsa2016-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1974" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cr9v-b95v-eyha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3002?format=api", "vulnerability_id": "VCID-cvjs-nw3e-6be2", "summary": "Security researcher Shinto K Anto reported an issue with cross-origin\nresource sharing (CORS) \"preflight\" requests when receiving certain\nContent-Type headers. This is due to an error in implementation resulting in\ntrying to process multiple media types when they are returned in the\nContent-Type headers from a server. This is disallowed in the CORS specification and results in a simple instead of a\n\"preflight\" request, leading to potential same-origin policy violation.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193", "reference_id": "CVE-2015-7193", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-127", "reference_id": "mfsa2015-127", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-127" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7193" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cvjs-nw3e-6be2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2011?format=api", "vulnerability_id": "VCID-cvzy-dfhj-nkcy", "summary": "Mozilla security researcher moz_bug_r_a4 reported that\nXrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue. This can lead to unexpected behavior when privileged code acts on the incorrect values.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697", "reference_id": "CVE-2013-1697", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-59", "reference_id": "mfsa2013-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-59" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1697" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cvzy-dfhj-nkcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/512?format=api", "vulnerability_id": "VCID-d5gv-m4u7-3bfc", "summary": "JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5400" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5gv-m4u7-3bfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2004?format=api", "vulnerability_id": "VCID-d7ny-zzst-u3gy", "summary": "Mozilla developer Boris Zbarsky reported that user-defined\ngetters on DOM proxies would incorrectly get the expando object as this.\nIt is unlikely that this is directly exploitable but could lead to JavaScript\nclient or add-on code making incorrect security sensitive decisions based\non hacker supplied values.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737", "reference_id": "CVE-2013-1737", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-91", "reference_id": "mfsa2013-91", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-91" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1737" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7ny-zzst-u3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2795?format=api", "vulnerability_id": "VCID-db6q-f9hh-cyhg", "summary": "Mozilla developers and community identified identified and fixed several\nmemory safety bugs in the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1493", "reference_id": "CVE-2014-1493", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1493" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-15", "reference_id": "mfsa2014-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1493" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-db6q-f9hh-cyhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2024?format=api", "vulnerability_id": "VCID-dcs6-cpsj-mkhs", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover an access\nviolation due to uninitialized data during Extensible Stylesheet Language\nTransformation (XSLT) processing. This leads to a potentially exploitable\ncrash. \nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5604", "reference_id": "CVE-2013-5604", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5604" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-95", "reference_id": "mfsa2013-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-95" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5604" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcs6-cpsj-mkhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2982?format=api", "vulnerability_id": "VCID-ddgc-sfjs-bkgg", "summary": "Security researcher Michał Bentkowski reported that adding white-space\ncharacters to hostnames that are IP addresses can bypass same-origin policy. This flaw was\ncaused by trailing whitespaces being evaluated differently when parsing IP addresses\ninstead of alphanumeric hostnames. This could lead to a cross-site script (XSS) attack.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188", "reference_id": "CVE-2015-7188", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-122", "reference_id": "mfsa2015-122", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-122" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7188" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddgc-sfjs-bkgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1997?format=api", "vulnerability_id": "VCID-dh2v-wp97-bkcv", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5590", "reference_id": "CVE-2013-5590", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5590" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-93", "reference_id": "mfsa2013-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5590" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dh2v-wp97-bkcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1899?format=api", "vulnerability_id": "VCID-dhjd-31cm-1fh6", "summary": "Security researcher ca0nguyen, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the HTML5 string parser when parsing a particular set\nof table-related tags in a foreign fragment context such as SVG. This results in a\npotentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "CVE-2016-1960", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-23", "reference_id": "mfsa2016-23", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1960" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dhjd-31cm-1fh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2122?format=api", "vulnerability_id": "VCID-dmv4-6qcr-xueh", "summary": "Security researcher Nils used the Address Sanitizer tool\nwhile fuzzing to discover missing strong references in browsing engine leading\nto use-after-frees. This can lead to a potentially exploitable crash. \nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5599", "reference_id": "CVE-2013-5599", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5599" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-100", "reference_id": "mfsa2013-100", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5599" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-6qcr-xueh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2109?format=api", "vulnerability_id": "VCID-dnqy-1q57-yqbw", "summary": "Security researcher Nils reported two potentially\nexploitable memory corruption bugs involving scrolling. The first was a\nuse-after-free condition due to scrolling an image document. The second\nwas due to nodes in a range request being added as children of two\ndifferent parents.\nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736", "reference_id": "CVE-2013-1736", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-90", "reference_id": "mfsa2013-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1736" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnqy-1q57-yqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2722?format=api", "vulnerability_id": "VCID-dwm9-tv86-7bab", "summary": "Mozilla developers and community identified and fixed several\nmemory safety bugs in the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533", "reference_id": "CVE-2014-1533", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-48", "reference_id": "mfsa2014-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1533" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwm9-tv86-7bab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1872?format=api", "vulnerability_id": "VCID-dxam-cewh-63dt", "summary": "Security researcher Nicolas Golubovic reported that a malicious page\ncan overwrite files on the user's machine using Content Security Policy (CSP) violation\nreports. The file contents are restricted to the JSON format of the report. In many cases\noverwriting a local file may simply be destructive, breaking the functionality of that\nfile. The CSP error reports can include HTML fragments which could be rendered by\nbrowsers. If a user has disabled add-on signing and has installed an \"unpacked\" add-on, a\nmalicious page could overwrite one of the add-on resources. Depending on how this resource\nis used, this could lead to privilege escalation.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "CVE-2016-1954", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-17", "reference_id": "mfsa2016-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1954" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxam-cewh-63dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/247?format=api", "vulnerability_id": "VCID-e35v-ppxg-tkd1", "summary": "Mozilla developers and community members Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, Philipp, and Carsten Book reported memory safety bugs present in Firefox 48 and Firefox ESR 45.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-86", "reference_id": "mfsa2016-86", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-86" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-88", "reference_id": "mfsa2016-88", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-88" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5257" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e35v-ppxg-tkd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2082?format=api", "vulnerability_id": "VCID-e43n-qw7k-9fh7", "summary": "Mozilla community member Ms2ger discovered that some\nDOMSVGZoomEvent functions are used without being properly\ninitialized, causing uninitialized memory to be used when they are called by web\ncontent. This could lead to a information leakage to sites depending on the\ncontents of this uninitialized memory.\nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1675", "reference_id": "CVE-2013-1675", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1675" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-47", "reference_id": "mfsa2013-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1675" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e43n-qw7k-9fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1866?format=api", "vulnerability_id": "VCID-ecjy-9yqg-d7g5", "summary": "Security researcher Holger Fuhrmannek reported that a malicious\nGraphite \"smart font\" could circumvent the validation of internal instruction parameters\nin the Graphite 2 library using special CNTXT_ITEM instructions. This could result in\narbitrary code execution.\n This issue affected Graphite 2 version 1.3.4, which was used in the Firefox ESR branch. To address this issue and other security vulnerabilities recently disclosed by Cisco Talos affecting this version of the library, Firefox ESR has been updated to version 1.3.5, the same one used in Firefox 44.\nIn general this flaw cannot be exploited through email in the\nThunderbird product, but is potentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523", "reference_id": "CVE-2016-1523", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-14", "reference_id": "mfsa2016-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2016-1523" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecjy-9yqg-d7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1938?format=api", "vulnerability_id": "VCID-eefa-gdnq-8kb7", "summary": "Mozilla developers and community members reported several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these bugs showed\nevidence of memory corruption under certain circumstances, and we presume that with enough\neffort at least some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836", "reference_id": "CVE-2016-2836", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-62", "reference_id": "mfsa2016-62", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-62" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2836" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eefa-gdnq-8kb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2025?format=api", "vulnerability_id": "VCID-efrb-cc78-4ygt", "summary": "Security researcher Byoungyoung Lee of Georgia Tech\nInformation Security Center (GTISC) used the Address Sanitizer tool to discover\na use-after-free during state change events while updating the offline cache.\nThis leads to a potentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5597", "reference_id": "CVE-2013-5597", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5597" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-98", "reference_id": "mfsa2013-98", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-98" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5597" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efrb-cc78-4ygt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1968?format=api", "vulnerability_id": "VCID-egv5-6c33-tfb9", "summary": "Mozilla developers fixed several memory safety bugs in the browser engine used in\nFirefox and other Mozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with enough effort at least\nsome of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805", "reference_id": "CVE-2016-2805", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2805" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egv5-6c33-tfb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2056?format=api", "vulnerability_id": "VCID-ewqw-uz7g-8fgz", "summary": "Mozilla community member Ms2ger found a mechanism where a\nnew Javascript object with a compartment is uninitialized could be entered\nthrough web content. When the scope for this object is called, it leads to a\npotentially exploitable crash. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725", "reference_id": "CVE-2013-1725", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-82", "reference_id": "mfsa2013-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-82" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1725" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewqw-uz7g-8fgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2914?format=api", "vulnerability_id": "VCID-ewxc-cgha-5ya6", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735", "reference_id": "CVE-2015-2735", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2735" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewxc-cgha-5ya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/598?format=api", "vulnerability_id": "VCID-f9cy-h7kt-zudr", "summary": "A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7802" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f9cy-h7kt-zudr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1922?format=api", "vulnerability_id": "VCID-fam8-n44k-2qh7", "summary": "Mozilla developer Tim Taubert used the Address Sanitizer tool and\nsoftware fuzzing to discover a use-after-free vulnerability while processing DER encoded\nkeys in the Network Security Services (NSS) libraries. The vulnerability overwrites the\nfreed memory with zeroes. This issue has been addressed in NSS 3.21.1, shipping in Firefox\n45.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979", "reference_id": "CVE-2016-1979", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-36", "reference_id": "mfsa2016-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1979" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fam8-n44k-2qh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3040?format=api", "vulnerability_id": "VCID-fk4s-hdw3-bbhp", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0836", "reference_id": "CVE-2015-0836", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0836" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-11", "reference_id": "mfsa2015-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2015-0836" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fk4s-hdw3-bbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1991?format=api", "vulnerability_id": "VCID-fp2m-wk2e-f3d2", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free problems rated critical as security issues in shipped software.\nSome of these issues are potentially exploitable, allowing for remote code\nexecution. We would also like to thank Abhishek for reporting additional\nuse-after-free and buffer overflow flaws in code introduced during Firefox\ndevelopment. These were fixed before general release.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685", "reference_id": "CVE-2013-1685", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-50", "reference_id": "mfsa2013-50", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1685" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fp2m-wk2e-f3d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3033?format=api", "vulnerability_id": "VCID-fq2a-sv58-8ycr", "summary": "Security researcher Armin Ebert reported that a user\nreadable file in a known local path could be uploaded to a malicious site. This\nwas done by manipulating the autocomplete feature in a form and user interaction\nwith it. While the local file is not visibly uploaded through the form, its\ncontents are made available through the Document Object Model (DOM) to script\ncontent on the attacking page, leading to information disclosure.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0822", "reference_id": "CVE-2015-0822", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0822" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-24", "reference_id": "mfsa2015-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2015-0822" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fq2a-sv58-8ycr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1864?format=api", "vulnerability_id": "VCID-ftnc-qwd9-jubp", "summary": "Security researcher Dominique Hazaël-Massieux reported a\nuse-after-free issue when using multiple WebRTC data channel connections. This causes a\npotentially exploitable crash when a data channel connection is freed from within a call\nthrough it.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "CVE-2016-1962", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-25", "reference_id": "mfsa2016-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-25" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1962" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftnc-qwd9-jubp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1908?format=api", "vulnerability_id": "VCID-fxjs-kgb3-6bb7", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "CVE-2016-2794", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2794" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxjs-kgb3-6bb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/608?format=api", "vulnerability_id": "VCID-fznu-jdyc-47hv", "summary": "When a page’s content security policy (CSP) header contains a sandbox directive, other directives are ignored. This results in the incorrect enforcement of CSP.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7803" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fznu-jdyc-47hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3006?format=api", "vulnerability_id": "VCID-g4jc-hh17-wbex", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708", "reference_id": "CVE-2015-2708", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-46", "reference_id": "mfsa2015-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-46" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2708" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g4jc-hh17-wbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/600?format=api", "vulnerability_id": "VCID-gcyv-192g-3ygq", "summary": "A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7786" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcyv-192g-3ygq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3086?format=api", "vulnerability_id": "VCID-gj9v-hz2y-j3h2", "summary": "Using the Address Sanitizer tool, security researcher Atte\nKettunen found a buffer overflow during the rendering of SVG format\ngraphics when combined with specific CSS properties on a page. This results in a\npotentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710", "reference_id": "CVE-2015-2710", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-48", "reference_id": "mfsa2015-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2710" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gj9v-hz2y-j3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2700?format=api", "vulnerability_id": "VCID-gn7z-yhsg-77a6", "summary": "Security researcher Nils used the Address Sanitizer to\ndiscover a use-after-free problem with the SMIL Animation Controller when\ninteracting with and rendering improperly formed web content. This causes a\npotentially exploitable crash. \nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonky products because scripting is disabled, but is \npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541", "reference_id": "CVE-2014-1541", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-52", "reference_id": "mfsa2014-52", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1541" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gn7z-yhsg-77a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2792?format=api", "vulnerability_id": "VCID-gvw5-1hst-73cr", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587", "reference_id": "CVE-2014-1587", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-83", "reference_id": "mfsa2014-83", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-83" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1587" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gvw5-1hst-73cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2920?format=api", "vulnerability_id": "VCID-h99r-s2rd-dbf9", "summary": "Security researcher Ronald Crane reported a vulnerability found\nthrough code inspection. This issue is an integer overflow while processing an MP4 format\nvideo file when an a erroneously-small buffer is allocated and then overrun, resulting in\na potentially exploitable crash.\nThis issue only affects 64-bit versions with 32-bit versions being\nunaffected.In general this flaw cannot be exploited through email in the\nThunderbird product, but is potentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7213", "reference_id": "CVE-2015-7213", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7213" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-146", "reference_id": "mfsa2015-146", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-146" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7213" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h99r-s2rd-dbf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2976?format=api", "vulnerability_id": "VCID-hgqa-m8ub-f3dc", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473", "reference_id": "CVE-2015-4473", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-79", "reference_id": "mfsa2015-79", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-4473" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgqa-m8ub-f3dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2753?format=api", "vulnerability_id": "VCID-hk88-1q9b-6khx", "summary": "Security researcher Jethro Beekman of the University of\nCalifornia, Berkeley reported a crash when the FireOnStateChange\nevent is triggered in some circumstances. This leads to a use-after-free and a\npotentially exploitable crash when it occurs.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555", "reference_id": "CVE-2014-1555", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-61", "reference_id": "mfsa2014-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-61" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1555" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hk88-1q9b-6khx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2032?format=api", "vulnerability_id": "VCID-hqar-k2zd-kbbu", "summary": "Mozilla security researcher moz_bug_r_a4 reported a\nmechanism to execute arbitrary code or a cross-site scripting (XSS) attack when\nCertificate Request Message Format (CRMF) request is generated in certain\ncircumstances. \nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1710", "reference_id": "CVE-2013-1710", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-69", "reference_id": "mfsa2013-69", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1710" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hqar-k2zd-kbbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2745?format=api", "vulnerability_id": "VCID-hs2d-ep9s-27b8", "summary": "Security researchers Byoungyoung Lee, Chengyu Song, and Taesoo\nKim at the Georgia Tech Information Security Center (GTISC) reported a\nbad casting from the BasicThebesLayer to\nBasicContainerLayer, resulting in undefined behavior. This behavior\nis potentially exploitable with some compilers but no clear mechanism to trigger\nit through web content was identified.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594", "reference_id": "CVE-2014-1594", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-89", "reference_id": "mfsa2014-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-89" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1594" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hs2d-ep9s-27b8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2774?format=api", "vulnerability_id": "VCID-j3wh-hsad-dbhr", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a buffer\noverflow when a script uses a non-XBL object as an XBL object because the XBL\nstatus of the object is not properly validated. The resulting memory corruption\nis potentially exploitable. \nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1524", "reference_id": "CVE-2014-1524", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1524" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-38", "reference_id": "mfsa2014-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-38" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1524" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j3wh-hsad-dbhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2692?format=api", "vulnerability_id": "VCID-j7uq-j289-zyff", "summary": "Using the Address Sanitizer tool, security researcher Abhishek\nArya (Inferno) of the Google Chrome Security Team found an\nout-of-bounds write when buffering WebM format video containing frames with\ninvalid tile sizes. This can lead to a potentially exploitable crash during WebM\nvideo playback.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578", "reference_id": "CVE-2014-1578", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-77", "reference_id": "mfsa2014-77", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-77" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1578" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7uq-j289-zyff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/513?format=api", "vulnerability_id": "VCID-jc41-75ha-97c9", "summary": "A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitable.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5401" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc41-75ha-97c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2757?format=api", "vulnerability_id": "VCID-jg7z-fpnh-skd4", "summary": "Mozilla developers and community identified and fixed several\nmemory safety bugs in the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562", "reference_id": "CVE-2014-1562", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-67", "reference_id": "mfsa2014-67", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-67" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1562" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jg7z-fpnh-skd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2050?format=api", "vulnerability_id": "VCID-jgqx-8ras-4bgn", "summary": "Security researcher Paul Stone of Context Information Security discovered\nthat timing differences in the processing of SVG format images with filters\ncould allow for pixel values to be read. This could potentially allow for text\nvalues to be read across domains, leading to information disclosure.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693", "reference_id": "CVE-2013-1693", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-55", "reference_id": "mfsa2013-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-55" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1693" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgqx-8ras-4bgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1950?format=api", "vulnerability_id": "VCID-jr76-2aht-uqb2", "summary": "Security researcher lokihardt, working with HP's Zero Day Initiative,\nreported a use-after-free issue in the SetBody function of\nHTMLDocument. This results in a potentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "CVE-2016-1961", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-24", "reference_id": "mfsa2016-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1961" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jr76-2aht-uqb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1906?format=api", "vulnerability_id": "VCID-jubn-vjus-h3e8", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "CVE-2016-2792", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2792" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jubn-vjus-h3e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/250?format=api", "vulnerability_id": "VCID-k1rz-f92p-ducs", "summary": "A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://security.archlinux.org/ASA-201612-1", "reference_id": "ASA-201612-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-1" }, { "reference_url": "https://security.archlinux.org/ASA-201612-2", "reference_id": "ASA-201612-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-2" }, { "reference_url": "https://security.archlinux.org/AVG-90", "reference_id": "AVG-90", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-90" }, { "reference_url": "https://security.archlinux.org/AVG-91", "reference_id": "AVG-91", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-91" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-92", "reference_id": "mfsa2016-92", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-92" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9079" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1rz-f92p-ducs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/609?format=api", "vulnerability_id": "VCID-k458-ek4h-4kht", "summary": "Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, and Andi-Bogdan Postelnicu reported memory safety bugs present in Firefox 54 and Firefox ESR 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7779" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k458-ek4h-4kht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1913?format=api", "vulnerability_id": "VCID-kcpz-uwq4-skf4", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "CVE-2016-2799", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2799" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kcpz-uwq4-skf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/235?format=api", "vulnerability_id": "VCID-kkjv-tyxm-6ub7", "summary": "Mozilla developers and community members Olli Pettay, Christian Holler, Ehsan Akhgari, Jon Coppeard, Gary Kwong, Tooru Fujisawa, Philipp, and Randell Jesup reported memory safety bugs present in Thunderbird ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5290" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkjv-tyxm-6ub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2917?format=api", "vulnerability_id": "VCID-knkj-95et-a7bh", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738", "reference_id": "CVE-2015-2738", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2738" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knkj-95et-a7bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1911?format=api", "vulnerability_id": "VCID-ksda-d24x-8bcf", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "CVE-2016-2797", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2797" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ksda-d24x-8bcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/222?format=api", "vulnerability_id": "VCID-m1ve-ttqh-3ucn", "summary": "External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of data: URLs. This could allow for cross-domain data leakage.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9900" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1ve-ttqh-3ucn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/535?format=api", "vulnerability_id": "VCID-m2ee-rr9r-u3ge", "summary": "Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5405" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2ee-rr9r-u3ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2005?format=api", "vulnerability_id": "VCID-m5ja-e7ub-juhq", "summary": "Security researcher Cody Crews reported a method to call a\ncontent level constructor that allows for this constructor to have chrome\nprivileged access. This affects chrome object wrappers (COW) and allows for\nwrite actions on objects when only read actions should be allowed. This can lead\nto cross-site scripting (XSS) attacks. \nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670", "reference_id": "CVE-2013-1670", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-42", "reference_id": "mfsa2013-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-42" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1670" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ja-e7ub-juhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2908?format=api", "vulnerability_id": "VCID-m6a6-yhfk-1ufh", "summary": "Security researcher Tsubasa Iinuma reported a mechanism to violate\nsame-origin policy to content using data: and view-source: URIs\nto confuse protections and bypass restrictions. This resulted in the ability to read data from cross-site URLs and local files.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7214", "reference_id": "CVE-2015-7214", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7214" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-149", "reference_id": "mfsa2015-149", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-149" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7214" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m6a6-yhfk-1ufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/542?format=api", "vulnerability_id": "VCID-m7n2-1ppv-jfcm", "summary": "Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object’s address can be discovered through hash codes, and also allows for data leakage of an object’s content using these hash codes.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5378" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7n2-1ppv-jfcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2733?format=api", "vulnerability_id": "VCID-mbbx-8h8r-37f7", "summary": "Security researcher Mariusz Mlynski, via TippingPoint's\nPwn2Own contest, reported that it is possible for untrusted web content to load\na chrome-privileged page by getting JavaScript-implemented WebIDL to call\nwindow.open(). A second bug allowed the bypassing of the\npopup-blocker without user interaction. Combined these two bugs allow an\nattacker to load a JavaScript URL that is executed with the full privileges of\nthe browser, which allows arbitrary code execution.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1511", "reference_id": "CVE-2014-1511", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1511" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-29", "reference_id": "mfsa2014-29", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-29" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1511" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mbbx-8h8r-37f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/606?format=api", "vulnerability_id": "VCID-md7v-but8-7qdz", "summary": "On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7791" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-md7v-but8-7qdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2909?format=api", "vulnerability_id": "VCID-mq7v-8uvq-5yeq", "summary": "Mozilla engineers Tyson Smith and David Keeler\nreported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security\nServices (NSS). These issues were in octet string parsing and were found through fuzzing\nand code inspection. If these issues were triggered, they would lead to a potentially\nexploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in\nFirefox and Firefox ESR, respectively, as well as NSS 3.20.1.Google security engineer Ryan Sleevi reported an integer overflow in\nthe Netscape Portable Runtime (NSPR) due to a lack of checks during memory allocation.\nThis leads to a potentially exploitable crash. This issue is fixed in NSPR 4.10.10. The NSPR library is a required component of NSS.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181", "reference_id": "CVE-2015-7181", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133", "reference_id": "mfsa2015-133", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-133" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7181" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mq7v-8uvq-5yeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2737?format=api", "vulnerability_id": "VCID-muhy-wae5-wyg7", "summary": "Security researcher Jüri Aedla, via TippingPoint's\nPwn2Own contest, reported that TypedArrayObject does not handle the\ncase where ArrayBuffer objects are neutered, setting their length\nto zero while still in use. This leads to out-of-bounds reads and writes into\nthe JavaScript heap, allowing for arbitrary code execution.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1513", "reference_id": "CVE-2014-1513", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1513" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-31", "reference_id": "mfsa2014-31", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-31" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1513" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-muhy-wae5-wyg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1868?format=api", "vulnerability_id": "VCID-mxj9-cgmx-zkg9", "summary": "Security researcher Nicolas Grégoire used the Address Sanitizer to\nfind a use-after-free during XML transformation operations. This results in a potentially\nexploitable crash triggerable by web content.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "CVE-2016-1964", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-27", "reference_id": "mfsa2016-27", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1964" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxj9-cgmx-zkg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2791?format=api", "vulnerability_id": "VCID-myt3-8hgh-aqe7", "summary": "Security researcher George Hotz, via TippingPoint's Pwn2Own\ncontest, discovered an issue where values are copied from an array into a\nsecond, neutered array. This allows for an out-of-bounds write into memory,\ncausing an exploitable crash leading to arbitrary code execution.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514", "reference_id": "CVE-2014-1514", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1514" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-32", "reference_id": "mfsa2014-32", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-32" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1514" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myt3-8hgh-aqe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2963?format=api", "vulnerability_id": "VCID-n7m2-cbnx-bygy", "summary": "Mozilla developer Olli Pettay reported that while\ninvestigating Mozilla\nFoundation Security Advisory 2015-28, he and Mozilla developer Boris\nZbarsky found an alternate way to trigger a similar vulnerability. The\npreviously reported flaw used an issue with SVG content navigation to bypass\nsame-origin policy protections to run scripts in a privileged context. This\nnewer variant found that the same flaw could be used during anchor navigation of\na page, allowing bypassing of same-origin policy protections. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801", "reference_id": "CVE-2015-0801", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-40", "reference_id": "mfsa2015-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4046?format=api", "purl": "pkg:deb/debian/icedove@31.6.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.6.0-1" } ], "aliases": [ "CVE-2015-0801" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7m2-cbnx-bygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/544?format=api", "vulnerability_id": "VCID-n9bg-836z-abb8", "summary": "The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5390" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9bg-836z-abb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2953?format=api", "vulnerability_id": "VCID-nj18-p9nk-9ffg", "summary": "Security researcher Mariusz Mlynski reported, through HP\nZero Day Initiative's Pwn2Own contest, that documents loaded though a\nresource: URL, such as Mozilla's PDF.js PDF file\nviewer, were able to subsequently load privileged chrome pages. The privilege\nrestrictions on resource: URLs was handled incorrectly and these\nrestrictions could be bypassed if this flaw was combined with a separate\nvulnerability allowing for same-origin policy violation, it could be used to run\narbitrary code.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816", "reference_id": "CVE-2015-0816", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-33", "reference_id": "mfsa2015-33", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-33" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4046?format=api", "purl": "pkg:deb/debian/icedove@31.6.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.6.0-1" } ], "aliases": [ "CVE-2015-0816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nj18-p9nk-9ffg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2924?format=api", "vulnerability_id": "VCID-njfh-euqq-hyek", "summary": "Security researcher Ronald Crane reported three\nvulnerabilities affecting released code that were found through code inspection.\nThese included one use of unowned memory, one use of a deleted object, and one\nmemory safety bug. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488", "reference_id": "CVE-2015-4488", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-90", "reference_id": "mfsa2015-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-4488" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njfh-euqq-hyek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4536?format=api", "vulnerability_id": "VCID-njra-xv9f-ffck", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7777" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njra-xv9f-ffck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/518?format=api", "vulnerability_id": "VCID-nv26-s56m-vkdh", "summary": "Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5407" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nv26-s56m-vkdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2019?format=api", "vulnerability_id": "VCID-nyr2-98nc-d3h5", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and invalid write problems rated as moderate\nto critical as security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting additional use-after-free flaws in\ndir=auto code introduced during Firefox development. These were\nfixed before general release.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679", "reference_id": "CVE-2013-1679", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48", "reference_id": "mfsa2013-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1679" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyr2-98nc-d3h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3070?format=api", "vulnerability_id": "VCID-nzaw-bp6y-qkbq", "summary": "Security researcher Ucha Gobejishvili used the Address\nSanitizer tool to find a buffer overflow while parsing compressed XML content.\nThis was due to an error in how buffer space is created and modified when\nhandling large amounts of XML data. This results in a potentially exploitable\ncrash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716", "reference_id": "CVE-2015-2716", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-54", "reference_id": "mfsa2015-54", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-54" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2716" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nzaw-bp6y-qkbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/594?format=api", "vulnerability_id": "VCID-p1ry-j666-3qhy", "summary": "A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7800" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p1ry-j666-3qhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2790?format=api", "vulnerability_id": "VCID-p2cc-jfma-fbfz", "summary": "Mozilla developer Robert O'Callahan reported a mechanism for\ntiming attacks involving SVG filters and displacements input to\nfeDisplacementMap. This allows displacements to potentially be\ncorrelated with values derived from content. This is similar to the previously\nreported techniques used for SVG timing attacks and could allow for text values\nto be read across domains, leading to information disclosure.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505", "reference_id": "CVE-2014-1505", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1505" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-28", "reference_id": "mfsa2014-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-28" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1505" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2cc-jfma-fbfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4539?format=api", "vulnerability_id": "VCID-ppw9-56ha-2bhm", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7774" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppw9-56ha-2bhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2906?format=api", "vulnerability_id": "VCID-psax-4qxx-1udr", "summary": "Security researcher Ronald Crane reported an underflow found through\ncode inspection. This does not all have a clear mechanism to be exploited through web\ncontent but could be vulnerable if a means can be found to trigger it.In general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7205", "reference_id": "CVE-2015-7205", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7205" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-145", "reference_id": "mfsa2015-145", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-145" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7205" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psax-4qxx-1udr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1995?format=api", "vulnerability_id": "VCID-q1jy-unjg-uffh", "summary": "Security researcher Nils reported that specially crafted web\ncontent using the onreadystatechange event and reloading of pages\ncould sometimes cause a crash when unmapped memory is executed. This crash is\npotentially exploitable.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690", "reference_id": "CVE-2013-1690", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-53", "reference_id": "mfsa2013-53", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-53" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1690" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q1jy-unjg-uffh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2126?format=api", "vulnerability_id": "VCID-qd5t-dg93-dud1", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a\nuse-after-free problem in the Animation Manager during the cloning of\nstylesheets. This can lead to a potentially exploitable crash.In general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722", "reference_id": "CVE-2013-1722", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-79", "reference_id": "mfsa2013-79", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1722" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qd5t-dg93-dud1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2073?format=api", "vulnerability_id": "VCID-qjqw-hjwg-kyfs", "summary": "Security researcher Nils used the Address Sanitizer tool\nwhile fuzzing to discover a memory corruption issue with the JavaScript engine\nwhen using workers with direct proxies. This results in a potentially\nexploitable crash. \nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5602", "reference_id": "CVE-2013-5602", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5602" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-101", "reference_id": "mfsa2013-101", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-101" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-5602" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjqw-hjwg-kyfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1977?format=api", "vulnerability_id": "VCID-qrrc-agxp-bybe", "summary": "Security researcher Nils reported a use-after-free when\nresizing video while playing. This could allow for arbitrary code execution.\nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674", "reference_id": "CVE-2013-1674", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-46", "reference_id": "mfsa2013-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-46" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1674" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrrc-agxp-bybe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2732?format=api", "vulnerability_id": "VCID-qw61-3bns-dbfv", "summary": "Security researcher Mariusz Mlynski, via TippingPoint's\nPwn2Own contest, reported that it is possible for untrusted web content to load\na chrome-privileged page by getting JavaScript-implemented WebIDL to call\nwindow.open(). A second bug allowed the bypassing of the\npopup-blocker without user interaction. Combined these two bugs allow an\nattacker to load a JavaScript URL that is executed with the full privileges of\nthe browser, which allows arbitrary code execution.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1510", "reference_id": "CVE-2014-1510", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1510" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-29", "reference_id": "mfsa2014-29", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-29" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1510" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qw61-3bns-dbfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2974?format=api", "vulnerability_id": "VCID-r59n-k84q-ebab", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815", "reference_id": "CVE-2015-0815", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-30", "reference_id": "mfsa2015-30", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4046?format=api", "purl": "pkg:deb/debian/icedove@31.6.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.6.0-1" } ], "aliases": [ "CVE-2015-0815" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r59n-k84q-ebab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2690?format=api", "vulnerability_id": "VCID-r82z-rbap-suh2", "summary": "Security researcher Mariusz Mlynski discovered an issue\nwhere sites that have been given notification permissions by a user can bypass\nsecurity checks on source components for the Web Notification API. This allows\nfor script to be run in a privileged context through notifications, leading to\narbitrary code execution on these sites.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1529", "reference_id": "CVE-2014-1529", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1529" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-42", "reference_id": "mfsa2014-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-42" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1529" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r82z-rbap-suh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2703?format=api", "vulnerability_id": "VCID-rd9r-695j-duff", "summary": "Security researcher Holger Fuhrmannek used the used the\nAddress Sanitizer tool to discover an out-of-bounds read issue with Web Audio\nwhen interacting with custom waveforms with invalid values. This results in a\ncrash and could allow for the reading of random memory which may contain\nsensitive data, or of memory addresses that could be used in combination with\nanother bug.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577", "reference_id": "CVE-2014-1577", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-76", "reference_id": "mfsa2014-76", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-76" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1577" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rd9r-695j-duff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3021?format=api", "vulnerability_id": "VCID-rf44-229c-qubm", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7201", "reference_id": "CVE-2015-7201", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7201" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-134", "reference_id": "mfsa2015-134", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-134" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7201" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rf44-229c-qubm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1881?format=api", "vulnerability_id": "VCID-rhmy-7533-6be9", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.\nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930", "reference_id": "CVE-2016-1930", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-01", "reference_id": "mfsa2016-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2016-1930" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rhmy-7533-6be9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2734?format=api", "vulnerability_id": "VCID-rtvj-tgwt-17d2", "summary": "Mozilla developers Eric Shepherd and Jan-Ivar\nBruaroey reported issues with privacy and video sharing using WebRTC.\nOnce video sharing has started within a WebRTC session running within an\n<iframe>, video will continue to be shared even if the user\nselects the "e;Stop Sharing\" button in the controls. The camera will\nalso remain on even if the user navigates to another site and will begin\nstreaming again if the user returns to the original site. This is a privacy\nproblem and can lead to inadvertent video streaming. This does not affect\nimplementations that are not within an <iframe>.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585", "reference_id": "CVE-2014-1585", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-81", "reference_id": "mfsa2014-81", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-81" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1585" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rtvj-tgwt-17d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/648?format=api", "vulnerability_id": "VCID-s4se-eex7-h7a6", "summary": "A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7751" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s4se-eex7-h7a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1910?format=api", "vulnerability_id": "VCID-s874-n3jb-23h1", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "CVE-2016-2796", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2796" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s874-n3jb-23h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/657?format=api", "vulnerability_id": "VCID-s8cd-xy2t-vyem", "summary": "Characters from the \"Canadian Syllabics\" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw \"punycode\" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from \"Aspirational Use Scripts\" such as Canadian Syllabics to be mixed with Latin characters in the \"moderately restrictive\" IDN profile. We have changed Firefox behavior to match the upcoming Unicode version 10.0 which removes this category and treats them as \"Limited Use Scripts.\"", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7764" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s8cd-xy2t-vyem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3067?format=api", "vulnerability_id": "VCID-sm73-ujuw-z7cy", "summary": "Security researcher Scott Bell used the Address Sanitizer\ntool to discover a use-after-free error during the processing of text when\nvertical text is enabled. This leads to a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713", "reference_id": "CVE-2015-2713", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-51", "reference_id": "mfsa2015-51", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-51" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2713" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sm73-ujuw-z7cy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3078?format=api", "vulnerability_id": "VCID-svaq-kp6k-r7hx", "summary": "Mozilla developer Christoph Kerschbaumer discovered an issue\nwhile investigating Mozilla\nFoundation Security Advisory 2015-03, previously reported by security\nresearcher Muneaki Nishimura. This flaw was that a cross-origin\nresource sharing (CORS) request should not follow 30x redirections after\npreflight according to the specification. This only affects\nsendBeacon() requests but could allow for a potential Cross-site\nrequest forgery (XSRF) attack from malicious websites. \nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807", "reference_id": "CVE-2015-0807", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-37", "reference_id": "mfsa2015-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4046?format=api", "purl": "pkg:deb/debian/icedove@31.6.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.6.0-1" } ], "aliases": [ "CVE-2015-0807" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svaq-kp6k-r7hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2765?format=api", "vulnerability_id": "VCID-t6zv-bwtx-gbbd", "summary": "Security research firm VUPEN, via TippingPoint's Pwn2Own\ncontest, reported that memory pressure during Garbage Collection could lead to\nmemory corruption of TypeObjects in the JS engine, resulting in an exploitable\nuse-after-free condition.In general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1512", "reference_id": "CVE-2014-1512", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1512" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-30", "reference_id": "mfsa2014-30", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1512" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t6zv-bwtx-gbbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1966?format=api", "vulnerability_id": "VCID-ta8f-s9rp-dqc3", "summary": "Mozilla developers fixed several memory safety bugs in the browser engine used in\nFirefox and other Mozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with enough effort at least\nsome of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806", "reference_id": "CVE-2016-2806", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2806" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ta8f-s9rp-dqc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3000?format=api", "vulnerability_id": "VCID-tb5c-absx-ckbz", "summary": "Security researcher Aki Helin reported a use-after-free when\nplaying certain MP3 format audio files on the web using the Fluendo MP3 plugin\nfor GStreamer on Linux. This is due to a flaw in handling certain MP3 files by\nthe plugin and its interaction with Mozilla code. This can lead to a potentially\nexploitable crash.\nThis flaw only affects Linux installations. Windows and OS X\nusers are unaffected by it.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813", "reference_id": "CVE-2015-0813", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-31", "reference_id": "mfsa2015-31", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-31" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4046?format=api", "purl": "pkg:deb/debian/icedove@31.6.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.6.0-1" } ], "aliases": [ "CVE-2015-0813" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tb5c-absx-ckbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2108?format=api", "vulnerability_id": "VCID-ttmr-qbyy-w3cb", "summary": "Security researcher Nils reported two potentially\nexploitable memory corruption bugs involving scrolling. The first was a\nuse-after-free condition due to scrolling an image document. The second\nwas due to nodes in a range request being added as children of two\ndifferent parents.\nIn general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735", "reference_id": "CVE-2013-1735", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-90", "reference_id": "mfsa2013-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1735" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ttmr-qbyy-w3cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1946?format=api", "vulnerability_id": "VCID-tw6u-q876-yfbm", "summary": "Security researcher Aki Helin used the Address Sanitizer tool to find\na buffer overflow write when rendering some WebGL content. This leads to a potentially exploitable crash. \nIn general this flaw cannot be exploited through email in the\nThunderbird product, but is potentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935", "reference_id": "CVE-2016-1935", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-03", "reference_id": "mfsa2016-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2016-1935" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tw6u-q876-yfbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3052?format=api", "vulnerability_id": "VCID-tx75-3f4v-j3f3", "summary": "Security researcher Looben Yang reported a buffer overflow in the\nJPEGEncoder function during script interactions with a canvas\nelement. This is caused by a race condition and incorrectly matched sizes following image\ninteractions. This leads to a potentially exploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189", "reference_id": "CVE-2015-7189", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-123", "reference_id": "mfsa2015-123", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-123" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7189" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tx75-3f4v-j3f3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/651?format=api", "vulnerability_id": "VCID-u7r9-ukbq-mkb4", "summary": "An out-of-bounds read in WebGL with a maliciously crafted ImageInfo object during WebGL operations.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7754" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7r9-ukbq-mkb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/652?format=api", "vulnerability_id": "VCID-uaga-tye9-gqg1", "summary": "A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7756" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uaga-tye9-gqg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2081?format=api", "vulnerability_id": "VCID-ucuh-g6st-sqbq", "summary": "Security researcher Aki Helin reported that combining\nlists, floats, and multiple columns could trigger a potentially\nexploitable buffer overflow.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732", "reference_id": "CVE-2013-1732", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-89", "reference_id": "mfsa2013-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-89" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1732" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucuh-g6st-sqbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/654?format=api", "vulnerability_id": "VCID-uh5h-t12y-h3b1", "summary": "A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7778" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uh5h-t12y-h3b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1992?format=api", "vulnerability_id": "VCID-umb1-y88n-dqf7", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free problems rated critical as security issues in shipped software.\nSome of these issues are potentially exploitable, allowing for remote code\nexecution. We would also like to thank Abhishek for reporting additional\nuse-after-free and buffer overflow flaws in code introduced during Firefox\ndevelopment. These were fixed before general release.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686", "reference_id": "CVE-2013-1686", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-50", "reference_id": "mfsa2013-50", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1686" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-umb1-y88n-dqf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1993?format=api", "vulnerability_id": "VCID-utce-na5h-5kdn", "summary": "Security researcher Mariusz Mlynski reported that it is\npossible to compile a user-defined function in the XBL scope of a specific\nelement and then trigger an event within this scope to run code. In some\ncircumstances, when this code is run, it can access content protected by System\nOnly Wrappers (SOW) and chrome-privileged pages. This could potentially lead to\narbitrary code execution. Additionally, Chrome Object Wrappers (COW) can be\nbypassed by web content to access privileged methods, leading to a cross-site\nscripting (XSS) attack from privileged pages.In general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687", "reference_id": "CVE-2013-1687", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-51", "reference_id": "mfsa2013-51", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-51" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1687" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utce-na5h-5kdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2036?format=api", "vulnerability_id": "VCID-uvdw-u8g4-6kgp", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682", "reference_id": "CVE-2013-1682", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-49", "reference_id": "mfsa2013-49", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-49" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1682" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvdw-u8g4-6kgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/603?format=api", "vulnerability_id": "VCID-uww5-29jb-n3gc", "summary": "A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7807" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uww5-29jb-n3gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2075?format=api", "vulnerability_id": "VCID-v6ds-zvhm-wkf5", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718", "reference_id": "CVE-2013-1718", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-76", "reference_id": "mfsa2013-76", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-76" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1718" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6ds-zvhm-wkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2945?format=api", "vulnerability_id": "VCID-vct8-ur1y-63db", "summary": "Security researcher Karthikeyan Bhargavan reported an issue\nin Network Security Services (NSS) where the client allows for a ECDHE_ECDSA\nexchange where the server does not send its ServerKeyExchange\nmessage instead of aborting the handshake. Instead, the NSS client will take the\nEC key from the ECDSA certificate. This violates the TLS protocol and also has\nsome security implications for forward secrecy. In this situation, the browser\nthinks it is engaged in an ECDHE exchange, but has been silently downgraded to a\nnon-forward secret mixed-ECDH exchange instead. As a result, if False\nStart is enabled, the browser will start sending data encrypted under\nthese non-forward-secret connection keys. This issue was fixed in NSS version\n3.19.1.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721", "reference_id": "CVE-2015-2721", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-71", "reference_id": "mfsa2015-71", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-71" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2721" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vct8-ur1y-63db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/221?format=api", "vulnerability_id": "VCID-vdup-4rw5-bke7", "summary": "Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9898" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vdup-4rw5-bke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/249?format=api", "vulnerability_id": "VCID-vfzf-pypu-qufk", "summary": "A potentially exploitable crash in EnumerateSubDocuments while adding or removing sub-documents.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9905" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfzf-pypu-qufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/231?format=api", "vulnerability_id": "VCID-vhgu-g4te-7bff", "summary": "An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5297" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhgu-g4te-7bff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3018?format=api", "vulnerability_id": "VCID-vswn-ph7t-akfr", "summary": "Security researcher Ronald Crane reported three vulnerabilities\naffecting released code that were found through code inspection. These included a\nbuffer overflow in the ANGLE graphics library and two issues of missing status checks in\nSVG rendering and during cryptographic key manipulation. These do not all have clear\nmechanisms to be exploited through web content but are vulnerable if a mechanism can be\nfound to trigger them.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200", "reference_id": "CVE-2015-7200", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-131", "reference_id": "mfsa2015-131", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-131" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-7200" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vswn-ph7t-akfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2744?format=api", "vulnerability_id": "VCID-vt96-dyex-ykef", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a fixed offset\nout of bounds read issue while decoding specifically formatted JPG format\nimages. This causes a non-exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1523", "reference_id": "CVE-2014-1523", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1523" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-37", "reference_id": "mfsa2014-37", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1523" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vt96-dyex-ykef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2018?format=api", "vulnerability_id": "VCID-vtqm-xm64-mug4", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and invalid write problems rated as moderate\nto critical as security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting additional use-after-free flaws in\ndir=auto code introduced during Firefox development. These were\nfixed before general release.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678", "reference_id": "CVE-2013-1678", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48", "reference_id": "mfsa2013-48", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1678" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtqm-xm64-mug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2769?format=api", "vulnerability_id": "VCID-vutj-rajw-bueb", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a buffer\noverflow during the parsing of media content. This leads to a potentially\nexploitable crash.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593", "reference_id": "CVE-2014-1593", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-88", "reference_id": "mfsa2014-88", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-88" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1593" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vutj-rajw-bueb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1897?format=api", "vulnerability_id": "VCID-w3p3-evn1-eqgm", "summary": "Mozilla developers and community members reported several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these bugs showed\nevidence of memory corruption under certain circumstances, and we presume that with enough\neffort at least some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818", "reference_id": "CVE-2016-2818", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49", "reference_id": "mfsa2016-49", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2818" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w3p3-evn1-eqgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/220?format=api", "vulnerability_id": "VCID-wbtg-ecpe-8bcy", "summary": "Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9897" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wbtg-ecpe-8bcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1915?format=api", "vulnerability_id": "VCID-wd34-8uw6-2uh4", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "CVE-2016-2801", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2801" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wd34-8uw6-2uh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2923?format=api", "vulnerability_id": "VCID-wjz2-h366-vbae", "summary": "Security researcher Ronald Crane reported three\nvulnerabilities affecting released code that were found through code inspection.\nThese included one use of unowned memory, one use of a deleted object, and one\nmemory safety bug. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487", "reference_id": "CVE-2015-4487", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-90", "reference_id": "mfsa2015-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-4487" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wjz2-h366-vbae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3087?format=api", "vulnerability_id": "VCID-wqxh-2v78-nkca", "summary": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to report an out-of-bounds\nread and an out-of-bounds write when rendering an improperly formatted SVG\ngraphic. This could potentially allow the attacker to read uninitialized memory.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0827", "reference_id": "CVE-2015-0827", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0827" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-19", "reference_id": "mfsa2015-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2015-0827" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqxh-2v78-nkca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/514?format=api", "vulnerability_id": "VCID-wx4s-73zs-cfap", "summary": "A use-after-free can occur when events are fired for a FontFace object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5402" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wx4s-73zs-cfap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/655?format=api", "vulnerability_id": "VCID-wxca-7hua-tubu", "summary": "An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7758" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxca-7hua-tubu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/599?format=api", "vulnerability_id": "VCID-x2hg-g7n3-8qbw", "summary": "A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7785" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x2hg-g7n3-8qbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/234?format=api", "vulnerability_id": "VCID-x4x5-44xh-6uat", "summary": "An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9074" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4x5-44xh-6uat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2748?format=api", "vulnerability_id": "VCID-x6v1-mac8-13bz", "summary": "Security researcher Tyson Smith and Jesse\nSchwartzentruber of the BlackBerry Security Automated Analysis Team\nused the Address Sanitizer tool while fuzzing to discover an out-of-bounds read\nduring polygon rendering in MathML. This can allow web content to potentially\nread protected memory addresses. In combination with previous techniques used\nfor SVG timing attacks, this could allow for text values to be read across\ndomains, leading to information disclosure.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508", "reference_id": "CVE-2014-1508", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1508" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-26", "reference_id": "mfsa2014-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1508" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6v1-mac8-13bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1914?format=api", "vulnerability_id": "VCID-xmkv-47hn-43ck", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "CVE-2016-2800", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2800" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xmkv-47hn-43ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2086?format=api", "vulnerability_id": "VCID-xrp4-wbrq-xqex", "summary": "Security researcher Cody Crews reported a mechanism to use the cloneNode method to bypass System Only Wrappers (SOW) and clone a protected node. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code.\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795", "reference_id": "CVE-2013-0795", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-36", "reference_id": "mfsa2013-36", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-0795" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xrp4-wbrq-xqex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/516?format=api", "vulnerability_id": "VCID-xtbe-gv4p-23fn", "summary": "A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5404" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xtbe-gv4p-23fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2760?format=api", "vulnerability_id": "VCID-xw7d-ecvh-1ff8", "summary": "Mozilla developers and community identified and fixed several\nmemory safety bugs in the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574", "reference_id": "CVE-2014-1574", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-74", "reference_id": "mfsa2014-74", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-74" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1574" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xw7d-ecvh-1ff8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2925?format=api", "vulnerability_id": "VCID-y429-zgqe-4ffk", "summary": "Security researcher Ronald Crane reported three\nvulnerabilities affecting released code that were found through code inspection.\nThese included one use of unowned memory, one use of a deleted object, and one\nmemory safety bug. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489", "reference_id": "CVE-2015-4489", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-90", "reference_id": "mfsa2015-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-4489" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y429-zgqe-4ffk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2130?format=api", "vulnerability_id": "VCID-yb2d-8jve-qkc5", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1701", "reference_id": "CVE-2013-1701", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1701" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-63", "reference_id": "mfsa2013-63", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-63" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1701" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yb2d-8jve-qkc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/543?format=api", "vulnerability_id": "VCID-yk3y-5my9-auak", "summary": "A potential use-after-free found through fuzzing during DOM manipulation of SVG content.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5380" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yk3y-5my9-auak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2992?format=api", "vulnerability_id": "VCID-ymzx-f3pc-pfc2", "summary": "Mozilla developers and community identified and fixed several memory safety\nbugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of these\ncould be exploited to run arbitrary code.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513", "reference_id": "CVE-2015-4513", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-116", "reference_id": "mfsa2015-116", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-116" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-4513" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymzx-f3pc-pfc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2918?format=api", "vulnerability_id": "VCID-yr7f-4cr1-nye2", "summary": "Security researcher Ronald Crane reported seven\nvulnerabilities affecting released code that he found through code inspection.\nThese included three uses of uninitialized memory, one poor validation\nleading to an exploitable crash, one read of unowned memory in zip files, and\ntwo buffer overflows. These do not all have clear mechanisms to be exploited\nthrough web content but are vulnerable if a mechanism can be found to trigger\nthem.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739", "reference_id": "CVE-2015-2739", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66", "reference_id": "mfsa2015-66", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-66" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4047?format=api", "purl": "pkg:deb/debian/icedove@31.8.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.8.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" } ], "aliases": [ "CVE-2015-2739" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yr7f-4cr1-nye2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1909?format=api", "vulnerability_id": "VCID-yssr-7m7d-b7fh", "summary": "Security researcher Holger Fuhrmannek and Mozilla security engineer\nTyson Smith reported a number of security vulnerabilities in the Graphite\n2 library affecting version 1.3.5.\nThe issue reported by Holger Fuhrmannek is a mechanism to induce\nstack corruption with a malicious graphite font. This leads to a potentially exploitable\ncrash when the font is loaded.\nTyson Smith used the Address Sanitizer tool in concert with a custom\nsoftware fuzzer to find a series of uninitialized memory, out-of-bounds read, and\nout-of-bounds write errors when working with fuzzed graphite fonts. \n\nTo address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been\nupdated to Graphite 2 version 1.3.6.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "CVE-2016-2795", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4048?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2795" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yssr-7m7d-b7fh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4540?format=api", "vulnerability_id": "VCID-zakg-k4hk-fyhm", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4284?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7773" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zakg-k4hk-fyhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/223?format=api", "vulnerability_id": "VCID-zbxg-zh9z-n7gg", "summary": "An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4201?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9904" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbxg-zh9z-n7gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2091?format=api", "vulnerability_id": "VCID-ze84-c592-s7ef", "summary": "Security researcher Georgi Guninski reported an issue with\nJava applets where in some circumstances the applet could access files on the\nlocal system when loaded using the a file:/// URI and violate file\norigin policy due to interaction with the codebase parameter. This\naffects applets running on the local file system. Mozilla developer John\nSchoenick later discovered that fixes for this issue were inadequate\nand allowed the invocation of Java applets to bypass security checks in\nadditional circumstances. This could lead to untrusted Java applets having\nread-only access on the local files system if used in conjunction with a method\nto download a file to a known or guessable path.In general these flaws cannot be exploited through email in the\nThunderbird product because scripting is disabled, but are potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1717", "reference_id": "CVE-2013-1717", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1717" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-75", "reference_id": "mfsa2013-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-75" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4044?format=api", "purl": "pkg:deb/debian/icedove@17.0.10-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2abx-thsg-bbdn" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2j41-vcxe-w3af" }, { "vulnerability": "VCID-2mse-59w2-fbbv" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-4r3z-auuz-sbez" }, { "vulnerability": "VCID-4uyn-g7y6-zbh2" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6nyu-8qhc-q7cj" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x4j-c36j-aybs" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-7x61-g9sn-zqev" }, { "vulnerability": "VCID-7yjs-kgmy-n3bm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8gjw-35z7-wyeg" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-8wjb-buvs-tke7" }, { "vulnerability": "VCID-94k4-5f3a-dfdg" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9kea-3747-qyek" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a23f-4jqj-nfag" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-ak47-7gf3-akgp" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-b9t4-78nq-jyeh" }, { "vulnerability": "VCID-bm2a-1rmq-zqc3" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-bzv3-5jce-2fam" }, { "vulnerability": "VCID-c4mc-49k8-7kfz" }, { "vulnerability": "VCID-c8wr-e73p-qyaf" }, { "vulnerability": "VCID-ca9j-qrnm-eqc3" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-db6q-f9hh-cyhg" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dwm9-tv86-7bab" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-fk4s-hdw3-bbhp" }, { "vulnerability": "VCID-fq2a-sv58-8ycr" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-gn7z-yhsg-77a6" }, { "vulnerability": "VCID-gvw5-1hst-73cr" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-hk88-1q9b-6khx" }, { "vulnerability": "VCID-hs2d-ep9s-27b8" }, { "vulnerability": "VCID-j3wh-hsad-dbhr" }, { "vulnerability": "VCID-j7uq-j289-zyff" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jg7z-fpnh-skd4" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-mbbx-8h8r-37f7" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-muhy-wae5-wyg7" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-myt3-8hgh-aqe7" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-p2cc-jfma-fbfz" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-qw61-3bns-dbfv" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-r82z-rbap-suh2" }, { "vulnerability": "VCID-rd9r-695j-duff" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-rtvj-tgwt-17d2" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-t6zv-bwtx-gbbd" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-vt96-dyex-ykef" }, { "vulnerability": "VCID-vutj-rajw-bueb" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wqxh-2v78-nkca" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-x6v1-mac8-13bz" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-xw7d-ecvh-1ff8" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" }, { "vulnerability": "VCID-znh3-rqwe-8ke3" }, { "vulnerability": "VCID-zuyy-jyqt-tbgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@17.0.10-1~deb7u1" } ], "aliases": [ "CVE-2013-1717" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ze84-c592-s7ef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2714?format=api", "vulnerability_id": "VCID-znh3-rqwe-8ke3", "summary": "Security researchers Tyson Smith and Jesse\nSchwartzentruber used the Address Sanitizer tool while fuzzing to\ndiscover a use-after-free error resulting in a crash. This is a result of a pair\nof NSSCertificate structures being added to a trust domain and then\none of them is removed while they are still in use by the trusted cache. This\ncrash is potentially exploitable.\nThis issue was addressed in the Network Security Services (NSS) library in version 3.16.2, \nshipping on affected platforms.In general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544", "reference_id": "CVE-2014-1544", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-63", "reference_id": "mfsa2014-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-63" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-1544" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znh3-rqwe-8ke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3032?format=api", "vulnerability_id": "VCID-zuyy-jyqt-tbgg", "summary": "Security researcher Muneaki Nishimura reported that\nnavigator.sendBeacon() does not follow the cross-origin resource\nsharing (CORS) specification. This results in the request from\nsendBeacon() lacking an origin header in violation of\nthe W3C Beacon specification and not\nbeing treated as a CORS request. This allows for a potential Cross-site request\nforgery (XSRF) attack from malicious websites.\nIn general this flaw cannot be exploited through email in the\nThunderbird product because scripting is disabled, but is potentially a risk in\nbrowser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638", "reference_id": "CVE-2014-8638", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-03", "reference_id": "mfsa2015-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4045?format=api", "purl": "pkg:deb/debian/icedove@31.5.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-1322-2jgj-2kh2" }, { "vulnerability": "VCID-1bx2-4ka7-w3cr" }, { "vulnerability": "VCID-1es7-pnwd-pfdw" }, { "vulnerability": "VCID-1j25-aujy-1fb3" }, { "vulnerability": "VCID-1qr1-6zdx-fqd1" }, { "vulnerability": "VCID-21fd-3bm8-nuhg" }, { "vulnerability": "VCID-2dx6-ehwy-xubu" }, { "vulnerability": "VCID-2ep2-61mb-cbd3" }, { "vulnerability": "VCID-2nfu-kf32-myag" }, { "vulnerability": "VCID-2u3s-8pqy-27gd" }, { "vulnerability": "VCID-35ek-28ks-vqdf" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-3qw2-tzj7-u3fa" }, { "vulnerability": "VCID-3uny-z4bs-9bfk" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-4cyw-yxhd-77af" }, { "vulnerability": "VCID-4eg8-dc82-fqd6" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4hgx-k5jn-ckeu" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-4r11-gv5n-rbhb" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5a6g-h3b1-vqfy" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-644p-f2nh-e7ah" }, { "vulnerability": "VCID-6pr4-1zfj-9ydj" }, { "vulnerability": "VCID-6q33-akyf-v7cw" }, { "vulnerability": "VCID-6s7e-79u3-h7ed" }, { "vulnerability": "VCID-6x8h-7v19-x7d2" }, { "vulnerability": "VCID-6xqg-t9fu-2kfk" }, { "vulnerability": "VCID-74ur-xkr1-a7er" }, { "vulnerability": "VCID-7gkv-pu79-43hx" }, { "vulnerability": "VCID-7hry-whqg-97gm" }, { "vulnerability": "VCID-81zk-xrsj-cufe" }, { "vulnerability": "VCID-86p5-m5xh-wba9" }, { "vulnerability": "VCID-883g-dbap-u7aw" }, { "vulnerability": "VCID-89x5-7hfe-jbc7" }, { "vulnerability": "VCID-8hfq-xxg6-tue8" }, { "vulnerability": "VCID-9hcm-h8uk-xygz" }, { "vulnerability": "VCID-9tuh-j2va-53hy" }, { "vulnerability": "VCID-9wc3-cjef-3ucq" }, { "vulnerability": "VCID-a5ee-c6f4-tufu" }, { "vulnerability": "VCID-a5mh-mmhh-pfg6" }, { "vulnerability": "VCID-abde-jm4w-5yde" }, { "vulnerability": "VCID-ac68-q866-pugy" }, { "vulnerability": "VCID-agrg-fr7r-zyec" }, { "vulnerability": "VCID-are2-nwm2-ekfb" }, { "vulnerability": "VCID-azwt-6846-1kgm" }, { "vulnerability": "VCID-b1zu-35mw-jkdg" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-bxpd-zacn-8bfv" }, { "vulnerability": "VCID-cjnx-d8j7-zqg3" }, { "vulnerability": "VCID-cr9v-b95v-eyha" }, { "vulnerability": "VCID-cvjs-nw3e-6be2" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddgc-sfjs-bkgg" }, { "vulnerability": "VCID-dhjd-31cm-1fh6" }, { "vulnerability": "VCID-dxam-cewh-63dt" }, { "vulnerability": "VCID-e35v-ppxg-tkd1" }, { "vulnerability": "VCID-ecjy-9yqg-d7g5" }, { "vulnerability": "VCID-eefa-gdnq-8kb7" }, { "vulnerability": "VCID-egv5-6c33-tfb9" }, { "vulnerability": "VCID-ewxc-cgha-5ya6" }, { "vulnerability": "VCID-f9cy-h7kt-zudr" }, { "vulnerability": "VCID-fam8-n44k-2qh7" }, { "vulnerability": "VCID-ftnc-qwd9-jubp" }, { "vulnerability": "VCID-fxjs-kgb3-6bb7" }, { "vulnerability": "VCID-fznu-jdyc-47hv" }, { "vulnerability": "VCID-g4jc-hh17-wbex" }, { "vulnerability": "VCID-gcyv-192g-3ygq" }, { "vulnerability": "VCID-gj9v-hz2y-j3h2" }, { "vulnerability": "VCID-h99r-s2rd-dbf9" }, { "vulnerability": "VCID-hgqa-m8ub-f3dc" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-jr76-2aht-uqb2" }, { "vulnerability": "VCID-jubn-vjus-h3e8" }, { "vulnerability": "VCID-k1rz-f92p-ducs" }, { "vulnerability": "VCID-k458-ek4h-4kht" }, { "vulnerability": "VCID-kcpz-uwq4-skf4" }, { "vulnerability": "VCID-kkjv-tyxm-6ub7" }, { "vulnerability": "VCID-knkj-95et-a7bh" }, { "vulnerability": "VCID-ksda-d24x-8bcf" }, { "vulnerability": "VCID-m1ve-ttqh-3ucn" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m6a6-yhfk-1ufh" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-md7v-but8-7qdz" }, { "vulnerability": "VCID-mq7v-8uvq-5yeq" }, { "vulnerability": "VCID-mxj9-cgmx-zkg9" }, { "vulnerability": "VCID-n7m2-cbnx-bygy" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-nj18-p9nk-9ffg" }, { "vulnerability": "VCID-njfh-euqq-hyek" }, { "vulnerability": "VCID-njra-xv9f-ffck" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-nzaw-bp6y-qkbq" }, { "vulnerability": "VCID-p1ry-j666-3qhy" }, { "vulnerability": "VCID-ppw9-56ha-2bhm" }, { "vulnerability": "VCID-psax-4qxx-1udr" }, { "vulnerability": "VCID-r59n-k84q-ebab" }, { "vulnerability": "VCID-rf44-229c-qubm" }, { "vulnerability": "VCID-rhmy-7533-6be9" }, { "vulnerability": "VCID-s4se-eex7-h7a6" }, { "vulnerability": "VCID-s874-n3jb-23h1" }, { "vulnerability": "VCID-s8cd-xy2t-vyem" }, { "vulnerability": "VCID-sm73-ujuw-z7cy" }, { "vulnerability": "VCID-svaq-kp6k-r7hx" }, { "vulnerability": "VCID-ta8f-s9rp-dqc3" }, { "vulnerability": "VCID-tb5c-absx-ckbz" }, { "vulnerability": "VCID-tw6u-q876-yfbm" }, { "vulnerability": "VCID-tx75-3f4v-j3f3" }, { "vulnerability": "VCID-u7r9-ukbq-mkb4" }, { "vulnerability": "VCID-uaga-tye9-gqg1" }, { "vulnerability": "VCID-uh5h-t12y-h3b1" }, { "vulnerability": "VCID-uww5-29jb-n3gc" }, { "vulnerability": "VCID-vct8-ur1y-63db" }, { "vulnerability": "VCID-vdup-4rw5-bke7" }, { "vulnerability": "VCID-vfzf-pypu-qufk" }, { "vulnerability": "VCID-vhgu-g4te-7bff" }, { "vulnerability": "VCID-vswn-ph7t-akfr" }, { "vulnerability": "VCID-w3p3-evn1-eqgm" }, { "vulnerability": "VCID-wbtg-ecpe-8bcy" }, { "vulnerability": "VCID-wd34-8uw6-2uh4" }, { "vulnerability": "VCID-wjz2-h366-vbae" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-wxca-7hua-tubu" }, { "vulnerability": "VCID-x2hg-g7n3-8qbw" }, { "vulnerability": "VCID-x4x5-44xh-6uat" }, { "vulnerability": "VCID-xmkv-47hn-43ck" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" }, { "vulnerability": "VCID-y429-zgqe-4ffk" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-ymzx-f3pc-pfc2" }, { "vulnerability": "VCID-yr7f-4cr1-nye2" }, { "vulnerability": "VCID-yssr-7m7d-b7fh" }, { "vulnerability": "VCID-zakg-k4hk-fyhm" }, { "vulnerability": "VCID-zbxg-zh9z-n7gg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@31.5.0-1~deb7u1" } ], "aliases": [ "CVE-2014-8638" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zuyy-jyqt-tbgg" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1.5.0.10.dfsg1-3" }