Security vulnerabilities fixed in Thunderbird 60.6.1

2019-03-25T00:00:00
ID MFSA2019-12
Type mozilla
Reporter Mozilla Foundation
Modified 2019-03-25T00:00:00

Description

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.