Vulnerabilities > Mozilla > Thunderbird

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-7756 Use After Free vulnerability in multiple products
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR).
network
low complexity
mozilla debian CWE-416
critical
9.8
2018-06-11 CVE-2017-7755 Untrusted Search Path vulnerability in Mozilla Firefox
The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run.
local
low complexity
mozilla CWE-426
7.8
2018-06-11 CVE-2017-7754 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations.
network
low complexity
debian redhat mozilla CWE-125
7.5
2018-06-11 CVE-2017-7753 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.
network
low complexity
debian redhat mozilla CWE-125
critical
9.1
2018-06-11 CVE-2017-7752 Use After Free vulnerability in multiple products
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled.
network
low complexity
debian redhat mozilla CWE-416
8.8
2018-06-11 CVE-2017-7751 Use After Free vulnerability in multiple products
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7750 Use After Free vulnerability in multiple products
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7749 Use After Free vulnerability in multiple products
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-5472 Use After Free vulnerability in multiple products
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-5470 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8