Multiple vulnerabilities in Mozilla Thunderbird

Описание

Multiple serious vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Vulnerability related to HTTP Live Stream can be exploited remotely to gain privileges;
2. Event handling vulnerability can be exploited remotely via specially script to cause denial of service;
3. Out-of-bounds write vulnerability can be exploited remotely to cause denial of service;
4. Multiple memory corruption vulnerabilities can be exploited to execute arbitrary code;

Первичный источник обнаружения

• https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/
  

Связанные продукты

• Mozilla-Thunderbird

Список CVE

• CVE-2018-12391
  critical
• CVE-2018-12392
  critical
• CVE-2018-12393
  warning
• CVE-2018-12389
  high
• CVE-2018-12390
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com