説明
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- Denial of service vulnerability in the Audio/Video: Web Codecs component can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in the DOM: Bindings (WebIDL) component can be exploited remotely to execute arbitrary code.
- Security vulnerability in the DOM: Networking component can be exploited to bypass security restrictions.
- A remote code execution vulnerability in the Widget: Win32 component can be exploited remotely to execute arbitrary code.
- Security vulnerability in the Networking: HTTP component can be exploited to bypass security restrictions.
- Security vulnerability in the Application Update component can be exploited to bypass security restrictions.
- A remote code execution vulnerability in the Disability Access APIs component can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in the Audio/Video component can be exploited remotely to execute arbitrary code.
- Security vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- A remote code execution vulnerability in the Networking: JAR component can be exploited remotely to execute arbitrary code.
- Security vulnerability in the Enterprise Policies component can be exploited to bypass security restrictions.
- Security vulnerability in the Security: Process Sandboxing component can be exploited to bypass security restrictions.
- Denial of service vulnerability in the Widget: Win32 component can be exploited remotely to cause denial of service.
- Security UI vulnerability in WebExtensions can be exploited to spoof user interface.
- Security UI vulnerability in the Form Autofill component can be exploited to spoof user interface.
- Security vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Security UI vulnerability in the Web Speech component can be exploited to spoof user interface.
- Security UI vulnerability in the Popup Blocker component can be exploited to spoof user interface.
- Information disclosure vulnerability in the DOM: Security component can be exploited to obtain sensitive information.
- Information disclosure vulnerability in the IP Protection component can be exploited to obtain sensitive information.
- Information disclosure vulnerability in the Graphics: WebGPU component can be exploited to obtain sensitive information.
- Security vulnerability in the Security component can be exploited to bypass security restrictions.
- Security vulnerability in the Networking: JAR component can be exploited to bypass security restrictions.
- Security vulnerability in the WebRTC: Audio/Video component can be exploited to bypass security restrictions.
- A remote code execution vulnerability in Thunderbird 151 can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Thunderbird 140 can be exploited remotely to execute arbitrary code.
オリジナルアドバイザリー
関連製品
CVEリスト
- CVE-2026-8946 critical
- CVE-2026-8947 high
- CVE-2026-8948 critical
- CVE-2026-8949 critical
- CVE-2026-8950 critical
- CVE-2026-8952 high
- CVE-2026-8953 critical
- CVE-2026-8954 critical
- CVE-2026-8955 high
- CVE-2026-8956 critical
- CVE-2026-8957 high
- CVE-2026-8958 critical
- CVE-2026-8959 critical
- CVE-2026-8960 critical
- CVE-2026-8961 unknown
- CVE-2026-8962 unknown
- CVE-2026-8963 critical
- CVE-2026-8964 critical
- CVE-2026-8965 unknown
- CVE-2026-8966 unknown
- CVE-2026-8967 unknown
- CVE-2026-8968 critical
- CVE-2026-8969 critical
- CVE-2026-8970 high
- CVE-2026-8971 high
- CVE-2026-8972 high
- CVE-2026-8973 critical
- CVE-2026-8974 critical
- CVE-2026-8975 critical
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!