Kaspersky ID:
KLA11411
Дата обнаружения:
29/01/2019
Обновлено:
22/01/2024

Описание

  1. Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.

    Below is a complete list of vulnerabilities:

    1. Use-after-free vulnerability can be exploited remotely via specially designed HTML5 stream to cause denial of service.
    2. Inter-process Communication (IPC) vulnerability can be exploited remotely via attempt to communicate with the IPC object without validation to bypass security restrictions.
    3. Use-after-free vulnerability in the Libical libary in Thunderbird can be exploited remotely via a specially designed ICS calendar to cause a denial of service.
    4. Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2018-18500
    critical
  • CVE-2018-18505
    critical
  • CVE-2018-18501
    critical
  • CVE-2016-5824
    warning
  • CVE-2018-18512
    critical
  • CVE-2018-18513
    warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Узнай больше об угрозах и векторах атаки на Энциклопедии Kaspersky
Бесплатно
Читать
Kaspersky Premium
Комплексное решение для защиты вашей цифровой жизни
Премиум
Скачать
Confirm changes?
Your message has been sent successfully.