|Type||Arbitrary code execution|
An out-of-bounds write vulnerability has been found in the NSS component of Firefox before 71.0 and Thunderbird before 68.3. When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash.
|06 Dec 2019||ASA-201912-2||AVG-1072||thunderbird||Critical||arbitrary code execution|
|03 Dec 2019||ASA-201912-1||AVG-1071||firefox||Critical||multiple issues|