KLA51620
Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Memory safety vulnerability can be exploited to execute arbitrary code.
2. Out of bounds read vulnerability in DOMParser can be exploited to cause denial of service.
3. An elevation of privilege vulnerability in popup notifications can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Firefox uninstaller can be exploited remotely to gain privileges.
5. Use after free vulnerability can be exploited to cause denial of service or execute arbitrary code.
6. Stack buffer overflow vulnerability in StorageManager can be exploited remotely to cause denial of service.
7. Security vulnerability in Offscreen Canvas can be exploited to bypass security restrictions.
8. Security UI vulnerability can be exploited to spoof user interface and execute arbitrary code.
9. Cookie jar overflow vulnerability can be exploited to cause denial of service.
10. Denial of service vulnerability in WASM JIT analysis can be exploited to cause denial of service.

Mozilla Thunderbird 115.x earlier than 115.1

Update to the latest version
Download Thunderbird