vulnerability
Oracle Solaris 11: CVE-2018-12361: Vulnerability in Thunderbird
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Oct 18, 2018 | May 30, 2019 | Feb 17, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Oct 18, 2018
Added
May 30, 2019
Modified
Feb 17, 2022
Description
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
Solutions
oracle-solaris-11-4-upgrade-mail-thunderbird-60-6-1-11-4-9-0-1-2-0oracle-solaris-11-4-upgrade-mail-thunderbird-plugin-thunderbird-lightning-60-6-1-11-4-9-0-1-2-0oracle-solaris-11-4-upgrade-web-browser-firefox-68-6-0-11-4-21-0-1-69-0oracle-solaris-11-4-upgrade-web-data-firefox-bookmarks-68-6-0-11-4-21-0-1-69-0
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.