Vulnerabilities > Mozilla > Thunderbird
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5405 | DEPRECATED: Use of Uninitialized Resource vulnerability in multiple products Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. | 5.3 |
| 2018-06-11 | CVE-2017-5404 | Use After Free vulnerability in multiple products A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. | 9.8 |
| 2018-06-11 | CVE-2017-5403 | Use After Free vulnerability in Mozilla Thunderbird When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. | 9.8 |
| 2018-06-11 | CVE-2017-5402 | Use After Free vulnerability in multiple products A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. | 9.8 |
| 2018-06-11 | CVE-2017-5401 | 7PK - Errors vulnerability in multiple products A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. | 9.8 |
| 2018-06-11 | CVE-2017-5400 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. | 9.8 |
| 2018-06-11 | CVE-2017-5399 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox Memory safety bugs were reported in Firefox 51. | 9.8 |
| 2018-06-11 | CVE-2017-5398 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Thunderbird 45.7. | 9.8 |
| 2018-06-11 | CVE-2017-5396 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. | 9.8 |
| 2018-06-11 | CVE-2017-5390 | The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. | 9.8 |