HIGH 7.1
CVE-2021-29964
EN A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
CVSS v3
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
EPSS
0.3%
percentile 55.5%
Apps suivies affectées
Configurations CPE vulnérables
| Vendor | Produit | Plateforme | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| mozilla | thunderbird | Windows | <78.11 | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |