Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:28363
HistoryDec 06, 2020 - 4:13 a.m.

Arbitrary Code Execution

2020-12-0604:13:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
arbitrary code execution
stack corruption
exploitable vulnerability
thunderbird software

EPSS

0.002

Percentile

55.8%

thunderbird is vulnerable to arbitrary code execution. When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.

Affected configurations

Vulners
Node
-thunderbird\Matchsid1\78.5.0-1
OR
-thunderbird\Matchstretch1\68.10.0-1~deb9u1
OR
-thunderbird\Matchstretch1\52.9.1-1~deb9u1
OR
-thunderbird\Matchstretch1\60.9.0-1~deb9u1
OR
-thunderbird\Matchbuster1\60.9.0-1~deb10u1
OR
-thunderbird\Matchbuster1\78.5.0-1~deb10u1
OR
-thunderbird\Matchbuster1\68.12.0-1~deb10u1
OR
-thunderbird\Matchbullseye1\78.5.0-1
OR
-thunderbirdMatch31.8.0_1.ael7b_1
OR
-thunderbirdMatch68.3.0_1.el7.centos
OR
-thunderbirdMatch68.7.0_1.el7.centos
OR
-thunderbirdMatch31.6.0_1.ael7b_1
OR
-thunderbirdMatch68.6.0_1.el7.centos
OR
-thunderbirdMatch52.9.1_1.el7.centos
OR
-thunderbirdMatch68.9.0_1.el7.centos
OR
-thunderbirdMatch68.4.1_2.el7.centos
OR
-thunderbirdMatch31.7.0_1.ael7b_1
OR
-thunderbirdMatch38.2.0_1.ael7b_1
OR
-thunderbirdMatch68.2.0_1.el7.centos
OR
-thunderbirdMatch52.8.0_1.el7.centos
OR
-thunderbirdMatch60.6.1_1.el7.centos
OR
-thunderbirdMatch60.3.0_1.el7.centos
OR
-thunderbirdMatch60.7.0_1.el7.centos
OR
-thunderbirdMatch38.3.0_1.ael7b_1
OR
-thunderbirdMatch60.5.0_1.el8
OR
-thunderbirdMatch78.5.0_1.el7.centos
OR
-thunderbirdMatch60.9.0_1.el7.centos
OR
-thunderbirdMatch68.5.0_1.el7.centos
OR
-thunderbirdMatch68.8.0_1.el7.centos
OR
-thunderbirdMatch78.4.0_1.el7.centos
OR
-thunderbirdMatch60.8.0_1.el8_0
OR
-thunderbirdMatch60.4.0_1.el7.centos
OR
-thunderbirdMatch68.11.0_1.el7.centos
OR
-thunderbirdMatch60.8.0_1.el7.centos
OR
-thunderbirdMatch68.10.0_1.el7.centos
OR
-thunderbirdMatch60.5.0_1.el7.centos
OR
-thunderbirdMatch60.7.2_2.el7.centos
OR
-thunderbirdMatch68.12.0_1.el7.centos
OR
-thunderbird\Matchgroovy1\78.3.2+build1-0ubuntu1
OR
-thunderbird\Matchgroovy1\68.10.0+build1-0ubuntu1
OR
-thunderbird\Matchgroovy1\78.2.2+build1-0ubuntu1
OR
-thunderbird\Matchgroovy1\78.5.0+build3-0ubuntu0.20.10.1
OR
-thunderbird\Matchgroovy1\78.2.1+build1-0ubuntu1
OR
-thunderbird\Matchdevel1\78.5.0+build3-0ubuntu1
OR
-thunderbird\Matchdevel1\78.2.1+build1-0ubuntu1
OR
-thunderbird\Matchdevel1\68.10.0+build1-0ubuntu1
OR
-thunderbird\Matchdevel1\78.2.2+build1-0ubuntu1
OR
-thunderbird\Matchfocal1\78.5.0+build3-0ubuntu0.20.04.1
OR
-thunderbird\Matchfocal1\68.10.0+build1-0ubuntu0.20.04.1
OR
-thunderbird\Matchfocal1\68.7.0+build1-0ubuntu2
OR
-thunderbird\Matchhirsute1\78.5.0+build3-0ubuntu1
OR
-thunderbird\Matchbionic1\52.7.0+build1-0ubuntu1
OR
-thunderbird\Matchbionic1\68.10.0+build1-0ubuntu0.18.04.1
OR
-thunderbirdMatch68.6.0-r0
OR
-thunderbirdMatch68.7.0-r0
OR
-thunderbirdMatch68.8.0-r0
OR
-thunderbirdMatch68.6.0-r2
OR
-thunderbirdMatch68.7.0-r1
OR
-thunderbirdMatch68.5.0-r1
OR
-thunderbirdMatch68.8.1-r0
VendorProductVersionCPE
-thunderbird\sidcpe:2.3:a:-:thunderbird\:sid:1\:78.5.0-1:*:*:*:*:*:*:*
-thunderbird\stretchcpe:2.3:a:-:thunderbird\:stretch:1\:68.10.0-1~deb9u1:*:*:*:*:*:*:*
-thunderbird\stretchcpe:2.3:a:-:thunderbird\:stretch:1\:52.9.1-1~deb9u1:*:*:*:*:*:*:*
-thunderbird\stretchcpe:2.3:a:-:thunderbird\:stretch:1\:60.9.0-1~deb9u1:*:*:*:*:*:*:*
-thunderbird\bustercpe:2.3:a:-:thunderbird\:buster:1\:60.9.0-1~deb10u1:*:*:*:*:*:*:*
-thunderbird\bustercpe:2.3:a:-:thunderbird\:buster:1\:78.5.0-1~deb10u1:*:*:*:*:*:*:*
-thunderbird\bustercpe:2.3:a:-:thunderbird\:buster:1\:68.12.0-1~deb10u1:*:*:*:*:*:*:*
-thunderbird\bullseyecpe:2.3:a:-:thunderbird\:bullseye:1\:78.5.0-1:*:*:*:*:*:*:*
-thunderbird31.8.0_1.ael7b_1cpe:2.3:a:-:thunderbird:31.8.0_1.ael7b_1:*:*:*:*:*:*:*
-thunderbird68.3.0_1.el7.centoscpe:2.3:a:-:thunderbird:68.3.0_1.el7.centos:*:*:*:*:*:*:*
Rows per page:
1-10 of 601