*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Seth Arnold (seth-arnold):
A vulnerability has been reported in Mozilla Thunderbird, which can be exploited by malicious people to compromise a vulnerable system. An error when parsing SMTP server status codes can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 78.5.1. Affected Software The following software is affected by the described vulnerability. Please check the vendor links below to see if exactly your version is affected. Mozilla Thunderbird 78.x Solution Update to version 78.5.1. References 1. https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/ <https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/> ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New -- Mozilla Thunderbird SMTP Server Stack-Based Buffer Overflow Vulnerability https://bugs.launchpad.net/bugs/1906609 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
