Luis Merino - Security Researcher - Exploit Intelligence Platform

CVE-2019-11704 EXPLOITDB CRITICAL text WRITEUP

Thunderbird <60.7.1 - Buffer Overflow

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 9.8

View Code

CVE-2019-11705 EXPLOITDB CRITICAL text WRITEUP

Thunderbird <60.7.1 - Buffer Overflow

A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 9.8

View Code

CVE-2019-11703 EXPLOITDB CRITICAL text WRITEUP

Thunderbird <60.7.1 - Buffer Overflow

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 9.8

View Code

CVE-2019-11706 EXPLOITDB HIGH text WRITEUP

Thunderbird <60.7.1 - Use After Free

A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.

CVSS 7.5

View Code