Vulnerabilities > Mozilla > Thunderbird > 60.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-26 | CVE-2019-9813 | Type Confusion vulnerability in Mozilla Thunderbird Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. | 8.8 |
| 2019-04-26 | CVE-2019-9810 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. | 8.8 |
| 2019-04-26 | CVE-2019-9801 | Improper Input Validation vulnerability in Mozilla Firefox Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. | 5.3 |
| 2019-04-26 | CVE-2019-9796 | Use After Free vulnerability in Mozilla Firefox A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. | 9.8 |
| 2019-04-26 | CVE-2019-9795 | Type Confusion vulnerability in Mozilla Firefox A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. | 9.8 |
| 2019-04-26 | CVE-2019-9794 | Argument Injection or Modification vulnerability in Mozilla Firefox A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. | 9.8 |
| 2019-04-26 | CVE-2019-9793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. | 5.9 |
| 2019-04-26 | CVE-2019-9792 | Out-of-bounds Write vulnerability in multiple products The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. | 9.8 |
| 2019-04-26 | CVE-2019-9791 | Type Confusion vulnerability in multiple products The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). | 9.8 |
| 2019-04-26 | CVE-2019-9790 | Use After Free vulnerability in Mozilla Thunderbird A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. | 9.8 |