CVE-2018-12378 log
Source |
|
Severity | High |
Remote | Yes |
Type | Arbitrary code execution |
Description | A use-after-free vulnerability has been found in Thunderbird versions prior to 60.2.1, which can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-782 | thunderbird | 60.0-4 | 60.2.1-1 | Critical | Fixed | FS#60424 |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
18 Oct 2018 | ASA-201810-13 | AVG-782 | thunderbird | Critical | multiple issues |
References |
---|
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12378 https://bugzilla.mozilla.org/show_bug.cgi?id=1459383 |