Multiple vulnerabilities in Mozilla Thunderbird

Описание

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface and execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Multiple use-after-free vulnerabilities can be explotied remotely to cause denial of service;
2. An unspecified vulnerability in the addressbar can be exploited remotely via specially crafted URL to spoof user interface;
3. Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code;

Первичный источник обнаружения

• Mozilla Foundation Security Advisory 2018-04
  

Связанные продукты

• Mozilla-Thunderbird

Список CVE

• CVE-2018-5095
  critical
• CVE-2018-5096
  critical
• CVE-2018-5097
  critical
• CVE-2018-5098
  critical
• CVE-2018-5099
  critical
• CVE-2018-5102
  critical
• CVE-2018-5103
  critical
• CVE-2018-5104
  critical
• CVE-2018-5117
  warning
• CVE-2018-5089
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com