Vulnerabilities > Mozilla > Thunderbird > 52.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2019-11707 | Type Confusion vulnerability in Mozilla Thunderbird A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. | 8.8 |
| 2019-07-23 | CVE-2019-11706 | Type Confusion vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. | 7.5 |
| 2019-07-23 | CVE-2019-11705 | Out-of-bounds Write vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. | 9.8 |
| 2019-07-23 | CVE-2019-11704 | Out-of-bounds Write vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. | 7.5 |
| 2019-07-23 | CVE-2019-11703 | Out-of-bounds Write vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. | 7.5 |
| 2019-07-23 | CVE-2019-11698 | Improper Input Validation vulnerability in Mozilla Firefox and Firefox ESR If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. | 5.0 |
| 2019-07-23 | CVE-2019-11694 | Use of Uninitialized Resource vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. | 5.0 |
| 2019-07-23 | CVE-2019-11693 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. | 7.5 |
| 2019-07-23 | CVE-2019-11692 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. | 7.5 |
| 2019-07-23 | CVE-2019-11691 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. | 7.5 |