Popis
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- A bypass security vulnerability in SMTP STARTTLS connections can be exploited to bypass security restrictions and obtain sensitive information.
- An use after free vulnerability in nsLanguageAtomService object can be exploited to cause denial of service.
- A memory safety vulnerability can be exploited to execute arbitrary code.
- A security UI vulnerability in message validation can be exploited to spoof user interface.
- An use after free vulnerability in MessageTask can be exploited to cause denial of service.
- A data race vulnerability in crossbeam-deque can be exploited to obtain sensitive information.
Oficiální doporučení
Související produkty
seznam CVE
- CVE-2021-38501 critical
- CVE-2021-38496 critical
- CVE-2021-38500 critical
- CVE-2021-32810 critical
- CVE-2021-38497 high
- CVE-2021-38498 critical
- CVE-2021-38502 high
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!