Kaspersky ID:
KLA62519
Дата обнаружения:
19/12/2023
Обновлено:
20/12/2023

Описание

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

  1. Security vulnerability in Symlinks can be exploited to bypass security restrictions.
  2. Security vulnerability in VideoBridge can be exploited to bypass security restrictions.
  3. Memory safety vulnerability can be exploited to execute arbitrary code.
  4. Use after free vulnerability in PR_GetIdentitiesLayer can be exploited to execute arbitrary code.
  5. Heap buffer overflow vulnerability in nsTextFragment can be exploited to cause denial of service.
  6. Heap buffer overflow vulnerability in nsWindow::PickerOpen(void) can be exploited to cause denial of service.
  7. Heap buffer overflow vulnerability in WebGL ACE can be exploited to execute arbitrary code.
  8. Security vulnerability in ShutdownObserver can be exploited to bypass security restrictions.
  9. Use after free vulnerability in nsDNSService can be exploited to execute arbitrary code.
  10. Security UI vulnerability can be exploited to spoof user interface.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2023-6857
    warning
  • CVE-2023-6860
    warning
  • CVE-2023-6864
    warning
  • CVE-2023-6859
    warning
  • CVE-2023-6858
    warning
  • CVE-2023-6861
    warning
  • CVE-2023-6856
    warning
  • CVE-2023-6863
    warning
  • CVE-2023-6862
    warning
  • CVE-2023-50762
    warning
  • CVE-2023-50761
    warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.