AVG-751

Package thunderbird
Status Fixed
Severity Critical
Type multiple issues
Affected 52.9.1-1
Fixed 60.0-1
Current 60.0-3 [extra]
Ticket None
Created Tue Aug 7 07:41:15 2018
Issue Severity Remote Type Description
CVE-2018-5187 Critical Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 61.0 and Thunderbird before 60.0. Some of these bugs showed evidence of memory corruption and...
CVE-2018-5156 High Yes Arbitrary code execution
A vulnerability can occur in Firefox before 61.0  and Thunderbird before 60.0 when capturing a media stream when the media source type is changed as the...
CVE-2018-12371 Medium Yes Arbitrary code execution
An integer overflow vulnerability has been found in the Skia library shipped with Firefox before 61.0  and Thunderbird before 60.0, when allocating memory...
CVE-2018-12367 Medium Yes Information disclosure
A security issue has been found in Firefox before 61.0 and Thunderbird before 60.0. In the previous mitigations for Spectre, the resolution or precision of...
CVE-2018-12361 Critical Yes Arbitrary code execution
An integer overflow can occur in Firefox before 61.0 and Thunderbird before 60.0 in the SwizzleData code while calculating buffer sizes. The overflowed...
Date Advisory Package Description
10 Aug 2018 ASA-201808-8 thunderbird multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/