Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11591
Multiple vulnerabilities in Mozilla Thunderbird

Updated: 06/03/2020
Detect date
?
 09/22/2019
Severity
?
 Critical
Description

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. Vulnerability related to document.domain can be exploited to execute arbitrary code;
  2. Stack buffer overflow vulnerability can be exploited to cause denial of service;
  3. Vulnerability related to 360 Total Security can be exploited to execute arbitrary code;
  4. Vulnerability related to HTML parsing can be exploited remotely to bypass security restrictions;
  5. Vulnerability can be exploited to bypass security restrictions;
  6. Buffer overflow vulnerability in expat can be exploited to arbitrary code execution;
  7. Memory safety vulnerability can be exploited to execute arbitrary code;
  8. Use-after-free vulnerability can be exploited to cause denial of service.
Affected products

Mozilla Thunderbird earlier than 68.2
Solution

Update to the latest version
Download Mozilla Thunderbird
Original advisories

Advisory 2019-35
Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
 Mozilla Thunderbird
CVE-IDS
?
CVE-2019-159035.0Critical
CVE-2019-117586.8High
CVE-2019-117615.8High
CVE-2019-117576.8High
CVE-2019-117606.8High
CVE-2019-117596.8High
CVE-2019-117625.8High
CVE-2019-117646.8High
CVE-2019-117634.3Warning
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up