Multiple vulnerabilities in Mozilla Thunderbird

Popis

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

1. Security vulnerability in Symlinks can be exploited to bypass security restrictions.
2. Security vulnerability in VideoBridge can be exploited to bypass security restrictions.
3. Memory safety vulnerability can be exploited to execute arbitrary code.
4. Use after free vulnerability in PR_GetIdentitiesLayer can be exploited to execute arbitrary code.
5. Heap buffer overflow vulnerability in nsTextFragment can be exploited to cause denial of service.
6. Heap buffer overflow vulnerability in nsWindow::PickerOpen(void) can be exploited to cause denial of service.
7. Heap buffer overflow vulnerability in WebGL ACE can be exploited to execute arbitrary code.
8. Security vulnerability in ShutdownObserver can be exploited to bypass security restrictions.
9. Use after free vulnerability in nsDNSService can be exploited to execute arbitrary code.
10. Security UI vulnerability can be exploited to spoof user interface.

Oficiální doporučení

• MFSA2023-55

Související produkty

• Mozilla-Thunderbird

seznam CVE

• CVE-2023-6857
  high
• CVE-2023-6860
  high
• CVE-2023-6864
  critical
• CVE-2023-6859
  critical
• CVE-2023-6858
  critical
• CVE-2023-6861
  critical
• CVE-2023-6856
  critical
• CVE-2023-6863
  critical
• CVE-2023-6862
  critical
• CVE-2023-50762
  warning
• CVE-2023-50761
  warning

Zobrazit více

Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com