Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 68.4.1 : Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.