Mozilla Thunderbird vulnerabilities
1,818 known vulnerabilities affecting mozilla/thunderbird.
Total CVEs: 1,818
CISA KEV: 14 (actively exploited)
Public exploits: 58
Exploited in wild: 18
Severity breakdown: CRITICAL 612, HIGH 551, MEDIUM 626, LOW 29
Vulnerabilities
Page 47 of 91
CVE-2018-12365 | MEDIUM | CVSS 6.5 | CWE-200 | fixed in 52.9 | ≥ 52.9.1, < 60.0 (+2 more) | 2018-10-18
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
nvd, osv
CVE-2017-7786 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.3 | ≥ unspecified, < 52.3 | 2018-06-11
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2017-5396 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 45.7.0 | ≥ unspecified, < 45.7 | 2018-06-11
A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
nvd
CVE-2017-5442 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.1.0 | ≥ unspecified, < 52.1 | 2018-06-11
A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2016-5297 | CRITICAL | CVSS 9.8 | CWE-190 | fixed in 45.5.0 | ≥ unspecified, < 45.5 | 2018-06-11
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
nvd
CVE-2017-7828 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.5.0 | ≥ unspecified, < 52.5 | 2018-06-11
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
nvd, osv
CVE-2017-5403 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.0 | ≥ unspecified, < 52 | 2018-06-11
When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 52 and Thunderbird < 52.
nvd
CVE-2017-7818 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.4.0 | ≥ unspecified, < 52.4 | 2018-06-11
A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
nvd, osv
CVE-2018-5150 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.8.0 | ≥ unspecified, < 52.8 | 2018-06-11
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
nvd, osv
CVE-2017-5433 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.1.0 | ≥ unspecified, < 52.1 | 2018-06-11
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2017-5432 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.1.0 | ≥ unspecified, < 52.1 | 2018-06-11
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2018-5154 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.8.0 | ≥ unspecified, < 52.8 | 2018-06-11
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
nvd, osv
CVE-2018-5096 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.6.0 | ≥ unspecified, < 52.6 | 2018-06-11
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird < 52.6.
nvd, osv
CVE-2017-7758 | CRITICAL | CVSS 9.1 | CWE-125 | fixed in 52.2.0 | ≥ unspecified, < 52.2 | 2018-06-11
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-7785 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.3.0 | ≥ unspecified, < 52.3 | 2018-06-11
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2018-5097 | CRITICAL | CVSS 9.8 | CWE-416 | fixed in 52.6.0 | ≥ unspecified, < 52.6 | 2018-06-11
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
nvd, osv
CVE-2017-7792 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.3.0 | ≥ unspecified, < 52.3 | 2018-06-11
A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
nvd
CVE-2017-7810 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.4.0 | ≥ unspecified, < 52.4 | 2018-06-11
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
nvd, osv
CVE-2018-5183 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.8.0 | ≥ unspecified, < 52.8 | 2018-06-11
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
nvd, osv
CVE-2018-5145 | CRITICAL | CVSS 9.8 | CWE-119 | fixed in 52.7.0 | ≥ unspecified, < 52.7 | 2018-06-11
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
nvd, osv