Mozilla Thunderbird SMTP Server Stack-Based Buffer Overflow Vulnerability
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
thunderbird (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
A vulnerability has been reported in Mozilla Thunderbird, which can be exploited by malicious people to compromise a vulnerable system.
An error when parsing SMTP server status codes can be exploited to cause a stack-based buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in versions prior to 78.5.1.
Affected Software
The following software is affected by the described vulnerability. Please check the vendor links below to see if exactly your version is affected.
Mozilla Thunderbird 78.x
Solution
Update to version 78.5.1.
References
1. https:/
information type: | Private Security → Public Security |
Changed in thunderbird (Ubuntu): | |
status: | New → Confirmed |
78.5.1 is in hirsute, and in the process of being SRUed to other supported releases.