AVG-1729 log
| Package | thunderbird |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 78.8.1-1 |
| Fixed | 78.9.0-1 |
| Current |
128.4.4-1 [extra-testing] 128.4.3-1 [extra] |
| Ticket | None |
| Created | Tue Mar 23 14:04:42 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-23987 | High | Yes | Arbitrary code execution | A security issue was found in Firefox before version 87 and Thunderbird before version 78.9. Mozilla developers and community members reported memory safety... |
| CVE-2021-23984 | Medium | Yes | Content spoofing | A security issue was found in Firefox before version 87 and Thunderbird before version 78.9. A malicious extension could have opened a popup window lacking... |
| CVE-2021-23982 | Medium | Yes | Information disclosure | A security issue was found in Firefox before version 87 and Thunderbird before version 78.9. Using techniques that built on the slipstream research, a... |
| CVE-2021-23981 | High | Yes | Arbitrary code execution | A security issue was found in Firefox before version 87 and Thunderbird before version 78.9. A texture upload of a Pixel Buffer Object could have confused... |
| Notes |
|---|
In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. |