Kaspersky ID:
KLA12052
Дата обнаружения:
26/01/2021
Обновлено:
25/01/2024

Описание

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A security bypass vulnerability can be exploited to bypass security restrictions.
  2. A use-after-free vulnerability can be exploited to potentially cause denial of service.
  3. A memory safety vulnerability can be exploited to to cause denial of service and execute arbitrary code.
  4. OSI vulnerability can be exploited via special crafted PDF file to obtain sensitive information.
  5. A security vulnerability in STARTTLS connection can be exploited to bypass security restrictions.
  6. A type cinfusion vulnerability in JavaScript can be exploited to cause denial of service.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2020-26976
    high
  • CVE-2021-23960
    critical
  • CVE-2021-23964
    critical
  • CVE-2021-23953
    warning
  • CVE-2021-23954
    critical
  • CVE-2020-15685
    critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.