Vulnerabilities > Mozilla > Thunderbird > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-5425 | Information Exposure vulnerability in Mozilla Firefox The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. | 7.5 |
| 2018-06-11 | CVE-2017-5422 | Improper Input Validation vulnerability in Mozilla Thunderbird If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. | 7.5 |
| 2018-06-11 | CVE-2017-5421 | Improper Input Validation vulnerability in Mozilla Thunderbird A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. | 7.5 |
| 2018-06-11 | CVE-2017-5419 | Unspecified vulnerability in Mozilla Thunderbird If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. | 7.5 |
| 2018-06-11 | CVE-2017-5416 | NULL Pointer Dereference vulnerability in Mozilla Thunderbird In certain circumstances a networking event listener can be prematurely released. | 7.5 |
| 2018-06-11 | CVE-2017-5412 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox A buffer overflow read during SVG filter color value operations, resulting in data exposure. | 7.5 |
| 2018-06-11 | CVE-2017-5411 | Use After Free vulnerability in Mozilla Firefox A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. | 7.5 |
| 2018-06-11 | CVE-2017-5406 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Thunderbird A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. | 7.5 |
| 2018-06-11 | CVE-2017-5378 | Information Exposure vulnerability in multiple products Hashed codes of JavaScript objects are shared between pages. | 7.5 |
| 2018-06-11 | CVE-2016-9905 | Improper Access Control vulnerability in multiple products A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. | 8.8 |