CVE-2018-5156

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
A vulnerability can occur in Firefox before 61.0  and Thunderbird before 60.0 when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash.
Group Package Affected Fixed Severity Status Ticket
AVG-751 thunderbird 52.9.1-1 60.0-1 Critical Fixed
Date Advisory Group Package Severity Description
10 Aug 2018 ASA-201808-8 AVG-751 thunderbird Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5156
https://bugzilla.mozilla.org/show_bug.cgi?id=1453127