26 matches found
SUSE CVE-2019-11705
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
SUSE CVE-2019-11703
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
SUSE CVE-2019-11706
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezonegetvtimezoneproperties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1...
SUSE CVE-2019-11704
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
CVE-2019-11706
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezonegetvtimezoneproperties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1...
DEBIAN-CVE-2019-11706
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezonegetvtimezoneproperties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1...
CVE-2019-11703
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
Mozilla: Type confusion in Array.pop
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 60.7.1, Firefox 67.0.3, and Thunderbird 60.7.2...
libical: Heap buffer over read in icalparser.c parser_get_next_char
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
libical: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezonegetvtimezoneproperties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1...
libical: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
libical: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
libical: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
libical: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
libical: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezonegetvtimezoneproperties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1...
Mozilla Firefox ESR Security Advisories (MFSA2019-16, MFSA2019-18) - Mac OS X
Mozilla Firefox ESR is prone to a type confusion vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security fix for the ALT Linux 10 package firefox-esr version 60.7.1-alt1
June 18, 2019 Andrey Cherepanov 60.7.1-alt1 - New ESR version 60.7.1. - Fixed: + CVE-2019-11707 Type confusion in Array.pop...
Mozilla Thunderbird < 60.7.1
The version of Thunderbird installed on the remote Windows host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when...
Debian DLA-1820-1 : thunderbird security update
Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For Debian 8 'Jessie', these problems have been fixed in version 1:60.7.1-1deb8u1. We recommend that you upgrade your thunderbird packages. NOTE: Tenable...
Mozilla Firefox ESR < 60.7.1
The version of Firefox ESR installed on the remote Windows host is prior to 60.7.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2019-18 advisory. - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow f...