CVE-2019-11703

CRITICAL

Thunderbird <60.7.1 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-11703. PoCs published by X41 D-Sec GmbH.

AI-analyzed exploit summary The advisory describes a heap-based buffer overflow in Thunderbird's libical implementation, triggered by a malformed calendar attachment. The issue can lead to remote code execution without user interaction.

Description

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

Exploits (1)

exploitdb WRITEUP

by X41 D-Sec GmbH · textdosmultiple

https://www.exploit-db.com/exploits/47003

View Code ZIP pw:eip

The advisory describes a heap-based buffer overflow in Thunderbird's libical implementation, triggered by a malformed calendar attachment. The issue can lead to remote code execution without user interaction.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Thunderbird (all versions before ESR 60.7.XXX)

No auth needed

Prerequisites: Attacker must send a crafted calendar attachment to the victim

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory x_refsource_misc

https://www.mozilla.org/security/advisories/mfsa2019-17/

Exploit, Issue Tracking, Vendor Advisory x_refsource_misc

https://bugzilla.mozilla.org/show_bug.cgi?id=1553820

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201908-20

Scores

CVSS v3 9.8

EPSS 0.1053

EPSS Percentile 95.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (1)

mozilla/thunderbird < 60.7.1

Published Jul 23, 2019

Tracked Since Feb 18, 2026