Vulnerabilities > Mozilla > Thunderbird > 37.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5378 | Information Exposure vulnerability in multiple products Hashed codes of JavaScript objects are shared between pages. | 5.0 |
| 2018-06-11 | CVE-2017-5376 | Use After Free vulnerability in multiple products Use-after-free while manipulating XSL in XSLT documents. | 7.5 |
| 2018-06-11 | CVE-2017-5375 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. | 7.5 |
| 2018-06-11 | CVE-2017-5373 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. | 7.5 |
| 2018-06-11 | CVE-2016-9905 | Improper Access Control vulnerability in multiple products A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. | 6.8 |
| 2018-06-11 | CVE-2016-9904 | Information Exposure vulnerability in multiple products An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. | 5.0 |
| 2018-06-11 | CVE-2016-9900 | 7PK - Security Features vulnerability in multiple products External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. | 5.0 |
| 2018-06-11 | CVE-2016-9899 | Use After Free vulnerability in multiple products Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. | 7.5 |
| 2018-06-11 | CVE-2016-9898 | Use After Free vulnerability in multiple products Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. | 7.5 |
| 2018-06-11 | CVE-2016-9897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. | 5.0 |