KLA11050
Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Thunderbird. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, bypass security protections and run arbitrary code.

Below is a complete list of vulnerabilities:

1. A use-after-free vulnerability related to destroyed node usage when regenerating trees can be exploited remotely to cause a denial of service;
2. A use-after-free vulnerability related to docshell reloading can be exploited remotely to cause a denial of service;
3. A use-after-free vulnerability related to video control operations with track elements can be exploited to cause a denial of service;
4. A use-after-free vulnerability related to content viewer listeners can be exploited remotely to cause a denial of service;
5. A use-after-free vulnerability related to user interactions with the input method editor (IME) can be exploited remotely to cause a denial of service;
6. An out-of-bounds read vulnerability related to ImageInfo objects in WebGL can be exploited remotely to cause a denial of service;
7. A use-after-free and use-after-scope vulnerabilities related to XHR header errors logging can be exploited remotely to cause a denial of service;
8. A use-after-free vulnerability in IndexedDB can be exploited remotely to cause a denial of service;
9. Multiple vulnerabilities in the Graphite 2 library can be exploited remotely to cause a denial of service;
10. An out-of-bounds read vulnerability in Opus encoder can be exploited remotely to cause a denial of service;
11. An improper handling of Canadian Syllabics and other unicode blocks can be exploited remotely to spoof the domain;
12. An improper handling of long filenames while downloading «Mark of the Web» can be exploited remotely to bypass security restrictions;
13. Multiple memory corruption vulnerabilities which occur because of memory safety bugs can be exploited remotely to execute arbitrary code.

Technical details

NB: These vulnerabilities do not have any public CVSS rating, so rating can be changed by the time.

NB: At this moment Mozilla has just reserved CVE numbers for these vulnerabilities. Information can be changed soon.

Mozilla Thunderbird versions earlier than 52.2

Update to the latest version
Download Mozilla Thunderbird