Multiple vulnerabilities in Mozilla Thunderbird

Descripción

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, perform cross-site scripting attack, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Security vulnerability in Clipboard can be exploited to bypass security restrictions.
2. Security UI vulnerability can be exploited to spoof user interface.
3. Validation of untrusted input vulnerability in new tab page can be exploited to bypass security restrictions.
4. Cross-site scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
5. Memory safety vulnerability can be exploited to execute arbitrary code.
6. Memory corruption vulnerability can be exploited to cause a denial of service.
7. Type confusion vulnerability in WebTransport can be exploited to cause denial of service.
8. Cross-site scripting (XSS) vulnerability for Android can be exploited to perform cross-site scripting attack.
9. Memory corruption vulnerability that occurs when reading from memory at a specific point during JIT compilation can be exploited to cause a denial of service.

Notas informativas originales

• MFSA2024-50

Productos relacionados

• Mozilla-Thunderbird

Lista CVE

• CVE-2024-8900
  warning
• CVE-2024-9397
  unknown
• CVE-2024-9398
  unknown
• CVE-2024-9392
  unknown
• CVE-2024-9402
  unknown
• CVE-2024-9396
  unknown
• CVE-2024-9403
  unknown
• CVE-2024-9399
  unknown
• CVE-2024-9393
  unknown
• CVE-2024-9401
  unknown
• CVE-2024-9394
  unknown
• CVE-2024-9400
  unknown

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com