vulnerability

MFSA2017-13 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.1 (CVE-2017-5464)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Apr 30, 2017	May 2, 2017	Mar 27, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Apr 30, 2017

Added

May 2, 2017

Modified

Mar 27, 2026

Description

During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Solution

mozilla-thunderbird-upgrade-52_1

References

CVE-2017-5464
https://attackerkb.com/topics/CVE-2017-5464
CWE-119
EUVD-EUVD-2017-14568
http://www.mozilla.org/security/announce/2017/mfsa2017-13.html
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-14568

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report