vulnerability

Ubuntu: (Multiple Advisories) (CVE-2016-5824): Thunderbird vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Jan 27, 2017	Mar 7, 2019	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Jan 27, 2017

Added

Mar 7, 2019

Modified

Aug 18, 2025

Description

A use-after-free was discovered in libical. If a user were tricked in to
opening a specially crafted ICS calendar file, an attacker could
potentially exploit this to cause a denial of service. (CVE-2016-5824)

Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted message, an attacker could
potentially exploit these to cause a denial of service, or execute
arbitrary code. (CVE-2018-18356, CVE-2018-18500, CVE-2019-5785)

Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
gain additional privileges by escaping the sandbox, or execute arbitrary
code. (CVE-2018-18501, CVE-2018-18505)

An issue was discovered with S/MIME signature verification in some
circumstances. An attacker could potentially exploit this by spoofing
signatures for arbitrary content. (CVE-2018-18509)

Solution

ubuntu-upgrade-thunderbird

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today