Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Security Vulnerabilities fixed in Thunderbird 78.5.1

Related Vulnerabilities: CVE-2020-26970  

Source

Mozilla Foundation Security Advisory 2020-53

Security Vulnerabilities fixed in Thunderbird 78.5.1

Announced
December 1, 2020
Impact
high
Products
Thunderbird
Fixed in
  • Thunderbird 78.5.1

#CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes

Reporter
Chiaki Ishikawa
Impact
high
Description

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started