Vulnerabilities > Mozilla > Thunderbird > 0.7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-24002 | Injection vulnerability in Mozilla Thunderbird When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. | 8.8 |
| 2021-06-24 | CVE-2021-29946 | Integer Overflow or Wraparound vulnerability in Mozilla Firefox Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. | 6.8 |
| 2021-06-24 | CVE-2021-29948 | Race Condition vulnerability in Mozilla Thunderbird Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. | 1.9 |
| 2021-06-24 | CVE-2021-29949 | Uncontrolled Search Path Element vulnerability in Mozilla Thunderbird When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. | 4.4 |
| 2021-06-24 | CVE-2021-29950 | Cleartext Storage of Sensitive Information vulnerability in Mozilla Thunderbird Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. | 5.0 |
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.4 |
| 2021-06-24 | CVE-2021-29957 | Unspecified vulnerability in Mozilla Thunderbird If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. network mozilla | 4.3 |
| 2021-06-24 | CVE-2021-29964 | Out-of-bounds Read vulnerability in Mozilla Firefox A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. | 5.8 |
| 2021-06-24 | CVE-2021-29967 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. | 8.8 |
| 2021-03-31 | CVE-2021-23987 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. | 6.8 |