Description
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code.
Below is a complete list of vulnerabilities:
- A security bypass vulnerability in proxy.onRequest can be exploited remotely to bypass security restrictions and obtain sensitive information.
- A security bypass vulnerability for Windows can be exploited to bypass security restrictions.
- A use after free vulnerability in StyleGenericFlexBasis object can be exploited to potentially cause denial of service.
- A heap buffer overflow vulnerability in WebGL can be exploited to potentially cause denial of service.
- A memory corruption vulnerability can be exploited to execute arbitrary code.
- A security bypass bypass vulnerability in slipstream can be exploited to obtain sensitive information.
- A security bypass vulnerability in CSS Sanitizer can be exploited to bypass security restrictions.
- A uninitialized use vulnerability in V8 can be exploited to obtain sensitive informtaion and bypass security restrictions.
Original advisories
Related products
CVE list
- CVE-2020-16042 high
- CVE-2020-35111 warning
- CVE-2020-35112 critical
- CVE-2020-26974 critical
- CVE-2020-26971 critical
- CVE-2020-35113 critical
- CVE-2020-26978 high
- CVE-2020-26973 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!