Description
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or bypass security restrictions.
- A use-after-free vulnerability can be exploited remotely to cause denial of service;
- A vulnerability in Resource Timing API can be exploited remotely via service error to bypass security restrictions;
- Multiple memory corruption vulnerabilities which occur because of memory safety bugs can be exploited remotely to execute arbitrary code;
Technical details
NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.
Original advisories
Related products
CVE list
- CVE-2017-7826 critical
- CVE-2017-7828 critical
- CVE-2017-7830 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!