Description
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Security vulnerability in Symlinks can be exploited to bypass security restrictions.
- Security vulnerability in VideoBridge can be exploited to bypass security restrictions.
- Memory safety vulnerability can be exploited to execute arbitrary code.
- Use after free vulnerability in PR_GetIdentitiesLayer can be exploited to execute arbitrary code.
- Heap buffer overflow vulnerability in nsTextFragment can be exploited to cause denial of service.
- Heap buffer overflow vulnerability in nsWindow::PickerOpen(void) can be exploited to cause denial of service.
- Heap buffer overflow vulnerability in WebGL ACE can be exploited to execute arbitrary code.
- Security vulnerability in ShutdownObserver can be exploited to bypass security restrictions.
- Use after free vulnerability in nsDNSService can be exploited to execute arbitrary code.
- Security UI vulnerability can be exploited to spoof user interface.
Original advisories
Related products
CVE list
- CVE-2023-6857 warning
- CVE-2023-6860 warning
- CVE-2023-6864 warning
- CVE-2023-6859 warning
- CVE-2023-6858 warning
- CVE-2023-6861 warning
- CVE-2023-6856 warning
- CVE-2023-6863 warning
- CVE-2023-6862 warning
- CVE-2023-50762 warning
- CVE-2023-50761 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!