Vulnerabilities > Mozilla > Thunderbird
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2017-7825 | Improper Input Validation vulnerability in multiple products Several fonts on OS X display some Tibetan and Arabic characters as whitespace. | 5.3 |
2018-06-11 | CVE-2017-7824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. | 9.8 |
2018-06-11 | CVE-2017-7823 | Cross-site Scripting vulnerability in multiple products The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. | 5.4 |
2018-06-11 | CVE-2017-7819 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. | 9.8 |
2018-06-11 | CVE-2017-7818 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. | 9.8 |
2018-06-11 | CVE-2017-7814 | Improper Input Validation vulnerability in multiple products File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. | 7.8 |
2018-06-11 | CVE-2017-7810 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. | 9.8 |
2018-06-11 | CVE-2017-7809 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. | 9.8 |
2018-06-11 | CVE-2017-7807 | Improper Input Validation vulnerability in multiple products A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. | 8.1 |
2018-06-11 | CVE-2017-7805 | Use After Free vulnerability in multiple products During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. | 7.5 |