AVG-1072 log

Package thunderbird
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 68.2.2-2
Fixed 68.3.0-1
Current 128.4.4-1 [extra-testing]
128.4.3-1 [extra]
Ticket None
Created Fri Dec 6 09:35:10 2019
Issue Severity Remote Type Description
CVE-2019-17012 Critical Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 71.0 and Thunderbird before 68.3. Some of these bugs showed evidence of memory corruption and...
CVE-2019-17011 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3. Under certain conditions, when retrieving a document from...
CVE-2019-17010 High Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3. Under certain conditions, when checking the Resist...
CVE-2019-17008 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3. When using nested workers, a use-after- free could occur...
CVE-2019-17005 High Yes Arbitrary code execution
An out-of-bounds write vulnerability has been found in Firefox before 71.0 and Thunderbird before 68.3 where the plain text serializer used a fixed-size...
CVE-2019-11745 Critical Yes Arbitrary code execution
An out-of-bounds write vulnerability has been found in the NSS component of Firefox before 71.0 and Thunderbird before 68.3. When encrypting with a block...
Date Advisory Package Type
06 Dec 2019 ASA-201912-2 thunderbird arbitrary code execution
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/