CRITICAL 9.8 Publié le 2019-07-23

CVE-2019-11705

EN A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS 8.6% percentile 92.5%

Apps suivies affectées

Thunderbird

winget:Mozilla.Thunderbird

1 ouverte

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
mozilla	thunderbird	Windows	<60.7.1	cpe:2.3:a:mozilla:thunderbird::::::::

Voir sur NVD ↗