漏洞类别:Local
漏洞等级: 
漏洞信息
Mozilla Thunderbird is a free, open source, cross-platform email, news, RSS, and chat client.
Multiple vulnerabilities were reported in Mozilla Thunderbird. The critical vulnerabilities can be used by remote attackers to cause Denial of Service or execute arbitrary code.
Affected Versions:
Mozilla Thunderbird prior to 52.2
QID Detection Logic (Authenticated):
The QID checks for the vulnerable version of thunderbird.exe. The path of the file is determined by the registry key "HKLM\SOFTWARE\Mozilla\Mozilla Thunderbird" value "PathToExe:.
漏洞危害
Successful exploitation of the vulnerability will lead to denial of service or execution of arbitrary code.
解决方案
Vendor has released fix(52.2). Download updated Thunderbird from here.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论