Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-29964 CVE-2021-29967

Source

Mozilla Foundation Security Advisory 2021-26

Security Vulnerabilities fixed in Thunderbird 78.11

Announced

June 3, 2021

Impact

moderate

Products

Thunderbird

Fixed in

Thunderbird 78.11

#CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message

Reporter: Ronald Crane
Impact: moderate

Description

A locally-installed hostile program could send WM_COPYDATA messages that Thunderbird would processing incorrectly, leading to an out-of-bounds read.
This bug only affects Thunderbird on Windows. Other operating systems are unaffected.

References

Bug 1706501

#CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11

Reporter: Mozilla developers and community
Impact: high

Description

Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Thunderbird 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

Memory safety bugs fixed in Thunderbird 78.11

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Security Vulnerabilities fixed in Thunderbird 78.11

Security Vulnerabilities fixed in Thunderbird 78.11

#CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message

Description

References

#CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11

Description

References

Vulmon Search

About

Products

Connect