AVG-980 log

Package thunderbird
Status Fixed
Severity High
Type multiple issues
Affected 60.7.0-1
Fixed 60.7.1-1
Current 128.5.1-1 [extra-testing]
128.4.4-1 [extra]
Ticket None
Created Fri Jun 14 07:51:24 2019
Issue Severity Remote Type Description
CVE-2019-11706 Low Yes Denial of service
A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email...
CVE-2019-11705 High Yes Arbitrary code execution
A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email...
CVE-2019-11704 High Yes Arbitrary code execution
A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email...
CVE-2019-11703 High Yes Arbitrary code execution
A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a heap buffer overflow in parser_get_next_char when processing certain email messages,...
Date Advisory Package Type
14 Jun 2019 ASA-201906-10 thunderbird multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/