Vulnerabilities > Mozilla > Thunderbird > 0.7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-28 | CVE-2018-18499 | Origin Validation Error vulnerability in Mozilla Firefox A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). | 6.5 |
| 2019-02-28 | CVE-2018-18498 | Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. | 9.8 |
| 2019-02-28 | CVE-2018-18494 | Origin Validation Error vulnerability in multiple products A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). | 6.5 |
| 2019-02-28 | CVE-2018-18493 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. | 9.8 |
| 2019-02-28 | CVE-2018-18492 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. | 9.8 |
| 2019-02-28 | CVE-2018-12405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. | 9.8 |
| 2019-02-28 | CVE-2018-12392 | When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. | 9.8 |
| 2019-02-28 | CVE-2018-12391 | Incorrect Authorization vulnerability in Mozilla Firefox During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. | 8.8 |
| 2019-02-28 | CVE-2018-12390 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. | 9.8 |
| 2019-02-28 | CVE-2018-12389 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. | 8.8 |