The vulnerability of the Thunderbird email client’s libical library allows a hacker to induce a service failure.

The vulnerability of the Thunderbird email client’s libical library is related to the overflow of the icalrecuraddbydayrules stack buffer when processing certain email messages. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190627)

Security Fixes : - Mozilla: Type confusion in Array.pop CVE-2019-11707 - thunderbird: Stack buffer overflow in icalrecuraddbydayrules in icalrecur.c CVE-2019-11705 - Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 - thunderbird: Heap buffer over read in icalparser.c parsergetnextchar...

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:1624 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

libical: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c

A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...

openSUSE Security Update : MozillaThunderbird (openSUSE-2019-1583)

This update for MozillaThunderbird fixes the following security issues : - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote bsc1137595. - CVE-2019-11704: Fixed a heap-based buffer overflow in parsergetnextchar bsc1137595. - CVE-2019-11705: Fixed a stack-based buffe...