Mozilla Foundation Security Advisory 2024-37
Security Vulnerabilities fixed in Thunderbird 128.1
- Announced: August 6, 2024
- Impact: high
- Products: Thunderbird
- Fixed in: Thunderbird 128.1
In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potential risks in browser or browser-like contexts.
#CVE-2024-7518: Fullscreen notification dialog can be obscured by document content
- Reporter: Shaheen Fazim
- Impact: high
Description
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack.
References
#CVE-2024-7519: Out of bounds memory access in graphics shared memory handling
- Reporter: dalmurino
- Impact: high
Description
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape.
References
#CVE-2024-7520: Type confusion in WebAssembly
- Reporter: Nan Wang
- Impact: high
Description
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution.
References
#CVE-2024-7521: Incomplete WebAssembly exception handling
- Reporter: Nils Bars
- Impact: high
Description
Incomplete WebAssembly exception handling could have led to a use-after-free.
References
#CVE-2024-7522: Out of bounds read in editor component
- Reporter: Irvan Kurniawan
- Impact: high
Description
Editor code failed to check an attribute value. This could have led to an out-of-bounds read.
References
#CVE-2024-7525: Missing permission check when creating a StreamFilter
- Reporter: Rob Wu
- Impact: high
Description
It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site.
References
#CVE-2024-7526: Uninitialized memory used by WebGL
- Reporter: s48gs.w
- Impact: high
Description
ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory.
References
#CVE-2024-7527: Use-after-free in JavaScript garbage collection
- Reporter: Norisz Fay
- Impact: high
Description
Unexpected marking work at the start of sweeping could have led to a use-after-free.
References
#CVE-2024-7528: Use-after-free in IndexedDB
- Reporter: Jason Kratzer
- Impact: high
Description
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free.
References
#CVE-2024-7529: Document content could partially obscure security prompts
- Reporter: Hafiizh
- Impact: moderate
Description
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions.