Description
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- A buffer overflow vulnerability can be exploited remotely via specially crafted script to cause denial of service;
- An out-of-bounds memory write vulnerability can be exploited remotely via specially crafted IPC messages to bypass security restrictions and execute arbitrary code;
- An integer overflow vulnerability can be exploited remotely to cause denial of service;
- Out of bounds memory write vulnerability in libvorbis can be exploited to bypass security restrictions;
- An out-of-bounds memory write in libvorbis can be exploited remotely possibly to execute arbitrary code;
- Memory corruption vulnerability can be exploited remotely to execute arbitrary code;
Original advisories
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2018-5127 high
- CVE-2018-5129 warning
- CVE-2018-5144 critical
- CVE-2018-5146 high
- CVE-2018-5125 high
- CVE-2018-5145 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!