Multiple vulnerabilities in Mozilla Thunderbird

Описание

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Security UI vulnerability in cursor can be exploited to spoof user interface.
2. Information disclosure vulnerability can be exploited to obtain sensitive information.
3. Remote code execution vulnerability in local filesystem for Windows can be exploited via special crafted shortcut to execute arbitrary code.
4. Memory safety vulnerability can be exploited to execute arbitrary code.

Первичный источник обнаружения

• MFSA2022-32
  

Связанные продукты

• Mozilla-Thunderbird

Список CVE

• CVE-2022-36319
  warning
• CVE-2022-36314
  warning
• CVE-2022-2505
  warning
• CVE-2022-36318
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com