ALAS2-2018-1061 --- thunderbirdID: oval:org.secpod.oval:def:1700072 | Date: (C)2018-08-27 (M)2023-12-20 |
Class: PATCH | Family: unix |
Use-after-free when appending DOM nodes Use-after-free using focus Compromised IPC child process can list local filenames Buffer overflow using computed size of canvas element Using form to exfiltrate encrypted mail part by pressing enter in form field S/MIME plaintext can be leaked through HTML reply/forward Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 S/MIME and PGP decryption oracles can be built with HTML emails Integer overflow in SSSE3 scaler CSRF attacks through 307 redirects and NPAPI plugins Invalid data handling during QCMS transformations