8 matches found
SUSE CVE-2018-5161
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
SUSE CVE-2018-5170
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
DEBIAN-CVE-2018-5185
Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
Mozilla: Encrypted mail leaks plaintext through src attribute
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
Mozilla: Hang via malformed headers
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
UBUNTU-CVE-2018-5185
Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR 52.8, Thunderbird 52.8, and...
Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR 52.8 an...