Debian released security updates that fix multiple vulnerabilities with Thunderbird mail client, twig and dovecot Packages that leads to DOS, information disclosure and Arbitrary Code Execution.
The security update covers multiple vulnerabilities with Thunderbird mail client that allows an attacker to execute an arbitrary code execution or denial of service.
The vulnerabilities can be tracked as CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
All the security issues addressed with version 1:60.6.1-1~deb9u1, users are recommended to update their thunderbird packages.
Twig is a template engine for PHP and it fails in enforcing the sandboxing that results in potential information disclosure.
The vulnerability has been fixed with version 1.24.0-2+deb9u1.
The vulnerability resides in the Dovecot email server on reading the FTS or POP3-UIDL headers from the Dovecot index.
Bounds index is not defined, which allows an attacker to modify the dovecot indexes, which leads to an privilege escalation or the execution of arbitrary code with the permissions of the dovecot user.
Installation using FTS or pop3 migration plugins are affected with the vulnerability and it has been fixed with has been fixed in version 1:2.2.27-3+deb9u4.
You can update the latest security updates by using apt package manager. Before running apt command add the repository to your source list.
deb http://security.debian.org/debian-security stretch/updates main contrib non-free
To be added with /etc/apt/sources.list file and to update apt-get update && apt-get upgrade.
Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of…
As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S.…
Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious…
MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in…
Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…
A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term…