CVE-2017-7805 log

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
A security issue has been found in Thunderbird < 52.4. During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash.
Group Package Affected Fixed Severity Status Ticket
AVG-441 thunderbird 52.3.0-2 52.4.0-1 Critical Fixed
Date Advisory Group Package Severity Description
12 Oct 2017 ASA-201710-19 AVG-441 thunderbird Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/#CVE-2017-7805
https://bugzilla.mozilla.org/show_bug.cgi?id=1377618