A use-after-free vulnerability has been found in Thunderbird versions prior to 60.2.1, which can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash.
A use-after-free vulnerability has been found in Thunderbird versions prior to 60.2.1, which can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash.
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12377 https://bugzilla.mozilla.org/show_bug.cgi?id=1470260