Vulnerabilities > Mozilla > Thunderbird > 0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-27 | CVE-2019-11740 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. | 6.8 |
2019-09-27 | CVE-2019-11739 | Cleartext Transmission of Sensitive Information vulnerability in Mozilla Thunderbird Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. | 4.3 |
2019-07-23 | CVE-2019-9820 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. | 7.5 |
2019-07-23 | CVE-2019-9819 | Improper Input Validation vulnerability in Mozilla Thunderbird A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. | 7.5 |
2019-07-23 | CVE-2019-9818 | Race Condition vulnerability in Mozilla Firefox A race condition is present in the crash generation server used to generate data for the crash reporter. | 5.1 |
2019-07-23 | CVE-2019-9817 | Origin Validation Error vulnerability in Mozilla Firefox and Firefox ESR Images from a different domain can be read using a canvas object in some circumstances. | 5.0 |
2019-07-23 | CVE-2019-9816 | Type Confusion vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. | 4.3 |
2019-07-23 | CVE-2019-9815 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. | 6.8 |
2019-07-23 | CVE-2019-9811 | Injection vulnerability in multiple products As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. | 8.3 |
2019-07-23 | CVE-2019-9800 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. | 7.5 |