Thunderbird, Firefox - (bulletinapr2018)ID: oval:org.secpod.oval:def:2101792 | Date: (C)2019-12-31 (M)2024-05-22 |
Class: PATCH | Family: unix |
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Product: |
web/data/firefox-bookmarks |
web/browser/firefox |
web/browser/firefox/plugin/firefox-java |
mail/thunderbird |
mail/thunderbird/plugin/thunderbird-lightning |