Vulnerabilities > Mozilla > Thunderbird > 0.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2018-5097 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. | 9.8 |
2018-06-11 | CVE-2018-5096 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. | 9.8 |
2018-06-11 | CVE-2018-5095 | Use of Uninitialized Resource vulnerability in multiple products An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. | 9.8 |
2018-06-11 | CVE-2018-5089 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. | 9.8 |
2018-06-11 | CVE-2017-7848 | Injection vulnerability in multiple products RSS fields can inject new lines into the created email structure, modifying the message body. | 5.3 |
2018-06-11 | CVE-2017-7847 | Information Exposure vulnerability in multiple products Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. | 4.3 |
2018-06-11 | CVE-2017-7846 | Injection vulnerability in multiple products It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. | 8.8 |
2018-06-11 | CVE-2017-7845 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. | 8.8 |
2018-06-11 | CVE-2017-7830 | The Resource Timing API incorrectly revealed navigations in cross-origin iframes. | 6.5 |
2018-06-11 | CVE-2017-7829 | Improper Input Validation vulnerability in multiple products It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. | 5.3 |