CVE-2020-26970 log

Source
Severity High
Remote No
Type Arbitrary code execution
Description
When reading SMTP server status codes, Thunderbird before 78.5.1 writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.
Group Package Affected Fixed Severity Status Ticket
AVG-1315 thunderbird 78.5.0-1 78.6.0-1 High Fixed FS#68853
Date Advisory Group Package Severity Type
16 Dec 2020 ASA-202012-23 AVG-1315 thunderbird High multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/#CVE-2020-26970
https://bugzilla.mozilla.org/show_bug.cgi?id=1677338