CVE-2018-5129 log

Source
Severity High
Remote No
Type Access restriction bypass
Description
A lack of parameter validation on IPC messages results in a potential out-of-bounds write in Thunderbird < 52.7.0, through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process.
Group Package Affected Fixed Severity Status Ticket
AVG-663 thunderbird 52.6.0-2 52.7.0-1 Critical Fixed
Date Advisory Group Package Severity Description
24 Mar 2018 ASA-201803-22 AVG-663 thunderbird Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/#CVE-2018-5129
https://bugzilla.mozilla.org/show_bug.cgi?id=1428947