CVE-2018-12378 - log back

CVE-2018-12378 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free vulnerability has been found in Thunderbird versions prior to 60.2.1, which can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12378
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1459383
Notes