Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/thunderbird@10.0.5-2?arch=el5_8
purl pkg:rpm/redhat/thunderbird@10.0.5-2?arch=el5_8
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (11)
Vulnerability Summary Fixed by
VCID-1g36-3t6y-6ueh
Aliases:
CVE-2012-3105
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. There are no reported fixed by versions.
VCID-1szy-64t4-2bab
Aliases:
CVE-2012-1938
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-5y7y-3fnf-cueh
Aliases:
CVE-2012-1945
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-cq4q-mh6g-aub7
Aliases:
CVE-2012-1944
Security researcher Adam Barth found that inline event handlers, such as onclick, were no longer blocked by Content Security Policy's (CSP) inline-script blocking feature. Web applications relying on this feature of CSP to protect against cross-site scripting (XSS) were not fully protected. There are no reported fixed by versions.
VCID-debh-4s35-j3hs
Aliases:
CVE-2012-1937
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-jcm4-ykz6-a7ej
Aliases:
CVE-2011-3101
Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. There are no reported fixed by versions.
VCID-p2gf-sccx-5qb8
Aliases:
CVE-2012-1941
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-s3m1-pnhd-n3ex
Aliases:
CVE-2012-1947
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-v5y5-u355-mbdd
Aliases:
CVE-2012-1946
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-vfbw-j8m3-bbdm
Aliases:
CVE-2012-1940
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
VCID-x41h-sx4r-3bc8
Aliases:
CVE-2012-1939
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T14:55:30.435501+00:00 RedHat Importer Affected by VCID-s3m1-pnhd-n3ex https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1947.json 38.0.0
2026-04-01T14:55:30.334153+00:00 RedHat Importer Affected by VCID-p2gf-sccx-5qb8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1941.json 38.0.0
2026-04-01T14:55:30.222161+00:00 RedHat Importer Affected by VCID-vfbw-j8m3-bbdm https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1940.json 38.0.0
2026-04-01T14:55:30.052699+00:00 RedHat Importer Affected by VCID-v5y5-u355-mbdd https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1946.json 38.0.0
2026-04-01T14:55:29.965877+00:00 RedHat Importer Affected by VCID-5y7y-3fnf-cueh https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1945.json 38.0.0
2026-04-01T14:55:29.884412+00:00 RedHat Importer Affected by VCID-cq4q-mh6g-aub7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1944.json 38.0.0
2026-04-01T14:55:29.793414+00:00 RedHat Importer Affected by VCID-1g36-3t6y-6ueh https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3105.json 38.0.0
2026-04-01T14:55:29.706219+00:00 RedHat Importer Affected by VCID-x41h-sx4r-3bc8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1939.json 38.0.0
2026-04-01T14:55:29.626495+00:00 RedHat Importer Affected by VCID-1szy-64t4-2bab https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1938.json 38.0.0
2026-04-01T14:55:29.547120+00:00 RedHat Importer Affected by VCID-debh-4s35-j3hs https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1937.json 38.0.0
2026-04-01T14:55:29.464400+00:00 RedHat Importer Affected by VCID-jcm4-ykz6-a7ej https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3101.json 38.0.0