Vulnerabilities > Mozilla > Thunderbird > 0.7.1

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-31747 Use After Free vulnerability in Mozilla Firefox
Mozilla developers Andrew McCreight, Nicolas B.
network
low complexity
mozilla CWE-416
critical
9.8
2022-12-22 CVE-2022-34468 Unspecified vulnerability in Mozilla Firefox
An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link.
network
low complexity
mozilla
8.8
2022-12-22 CVE-2022-34470 Use After Free vulnerability in Mozilla Firefox
Session history navigations may have led to a use-after-free and potentially exploitable crash.
network
low complexity
mozilla CWE-416
critical
9.8
2022-12-22 CVE-2022-34472 Unspecified vulnerability in Mozilla Firefox
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown.
network
low complexity
mozilla
4.3
2022-12-22 CVE-2022-34478 Unspecified vulnerability in Mozilla Firefox
The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-34479 Unspecified vulnerability in Mozilla Firefox
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-34481 Integer Overflow or Wraparound vulnerability in Mozilla Firefox
In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container.
network
low complexity
mozilla CWE-190
8.8
2022-12-22 CVE-2022-34484 Use After Free vulnerability in Mozilla Firefox
The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10.
network
low complexity
mozilla CWE-416
8.8
2022-12-22 CVE-2022-36314 Uncontrolled Search Path Element vulnerability in Mozilla Firefox
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows.
local
low complexity
mozilla CWE-427
5.5
2022-12-22 CVE-2022-36318 Race Condition vulnerability in Mozilla Thunderbird
When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected.
network
high complexity
mozilla CWE-362
5.3