Mozilla

Thunderbird

1584 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2017-5399

  • EPSS 0.73%
  • Veröffentlicht 11.06.2018 21:29:03
  • Zuletzt bearbeitet 21.11.2024 03:27:31

Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Th...

7.5

CVE-2016-9897

Exploit
  • EPSS 3.95%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 21.11.2024 03:01:58

Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

9.8

CVE-2016-9898

Exploit
  • EPSS 2.6%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

9.8

CVE-2016-9899

Exploit
  • EPSS 36.42%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

7.5

CVE-2016-9900

Exploit
  • EPSS 1.37%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and T...

7.5

CVE-2016-9904

  • EPSS 1.19%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. Th...

8.8

CVE-2016-9905

Exploit
  • EPSS 1.17%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.

9.8

CVE-2017-5373

  • EPSS 1.93%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affe...

9.8

CVE-2017-5375

Exploit
  • EPSS 60.74%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

9.8

CVE-2017-5376

  • EPSS 1.8%
  • Veröffentlicht 11.06.2018 21:29:02
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.