Vulnerabilities > Mozilla > Thunderbird

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-7753 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.
network
low complexity
debian redhat mozilla CWE-125
critical
9.1
2018-06-11 CVE-2017-7752 Use After Free vulnerability in multiple products
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled.
network
low complexity
debian redhat mozilla CWE-416
8.8
2018-06-11 CVE-2017-7751 Use After Free vulnerability in multiple products
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7750 Use After Free vulnerability in multiple products
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7749 Use After Free vulnerability in multiple products
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-5472 Use After Free vulnerability in multiple products
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-5470 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-5469 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-5467 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region.
network
low complexity
redhat mozilla CWE-119
7.5
2018-06-11 CVE-2017-5466 Cross-site Scripting vulnerability in multiple products
If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly.
network
low complexity
redhat mozilla CWE-79
6.1