Thursday, January 23, 2025
HomeComputer SecurityMozilla Released Security Updates for Thunderbird & Fixed Critical Security Flaws

Mozilla Released Security Updates for Thunderbird & Fixed Critical Security Flaws

Published on

SIEM as a Service

Follow Us on Google News

Mozilla Released Security Updates for critical vulnerabilities that affected Thunderbird Mail client. The update fixes three high-level vulnerabilities and one low-level of vulnerability.

Mozilla Thunderbird is a free and open-source cross-platform email client, RSS and chats client developed by the Mozilla Foundation and it is installed by default on Ubuntu desktop systems. It is one of the most used email clients on all operating systems.

The vulnerability resides in the implementation of iCal that causes a overflows in processing certain email messages resulting in a potentially exploitable crash. Following are the vulnerabilities.

CVE-2019-11703: Heap buffer overflow in icalparser.c

A flaw in Thunderbird’s implementation of iCal causes a heap buffer overflow in parser_get_next_charwhen processing certain email messages, resulting in a potentially exploitable crash.

CVE-2019-11704: Heap buffer overflow in icalvalue.c

A flaw in Thunderbird’s implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash.

CVE-2019-11705: Stack buffer overflow in icalrecur.c

A flaw in Thunderbird’s implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash.

CVE-2019-11706: Type confusion in icalproperty.c

A flaw in Thunderbird’s implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash.

Also, the Thunderbird 60.7.1 comes with a fix for a bug removing the prompt for smartcard PIN when S/MIME signing was used.

Also Read

Mozilla Releases Critical Security Update

Mozilla Released Security Updates for Thunderbird & Fixed Critical Security Flaws

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Deliver Ransomware on Windows Via Microsoft Teams Voice Calls

Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat...

SonicWall Arbitrary OS Commands Execution Vulnerability Exploited in Attacks

 A critical vulnerability in SonicWall's SMA1000 series tracked as CVE-2025-23006, has come under active exploitation...

AI Assistant Jailbreaked to Reveal its System Prompts

Anonymous tinkerer claims to have bypassed an AI assistant's safeguards to uncover its highly...

Murdoc Botnet Exploiting AVTECH Cameras & Huawei Routers to Gain Complete Control

Researchers have identified an active malware campaign involving a Mirai botnet variant, dubbed Murdoc,...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

Is this Website Safe: How to Check Website Safety – 2025

is this website safe? In this digital world, Check a website is safe is...

Firefox 133.0 Released with Multiple Security Updates – What’s New!

Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical...