Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11229
Multiple vulnerabilities in Mozilla Thunderbird

Updated: 06/03/2020
Detect date
?
 03/23/2018
Severity
?
 Critical
Description

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A buffer overflow vulnerability can be exploited remotely via specially crafted script to cause denial of service;
  2. An out-of-bounds memory write vulnerability can be exploited remotely via specially crafted IPC messages to bypass security restrictions and execute arbitrary code;
  3. An integer overflow vulnerability can be exploited remotely to cause denial of service;
  4. Out of bounds memory write vulnerability in libvorbis can be exploited to bypass security restrictions;
  5. An out-of-bounds memory write in libvorbis can be exploited remotely possibly to execute arbitrary code;
  6. Memory corruption vulnerability can be exploited remotely to execute arbitrary code;
Affected products

Mozilla Thunderbird earlier than 52.7
Solution

Update to the latest version
Download Mozilla Thunderbird
Original advisories

Mozilla Foundation Security Advisory 2018-09
Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
 Mozilla Thunderbird
CVE-IDS
?
CVE-2018-51276.8High
CVE-2018-51295.0Critical
CVE-2018-51447.5Critical
CVE-2018-51466.8High
CVE-2018-51256.8High
CVE-2018-51457.5Critical
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up