CVE-2019-11706

CVSS v3.1 7.5 (High)

CVSS v2.0 5 (Medium)

EPSS 4.07 % (92^th)

Affected Products 1

Advisories 19

A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.

Weaknesses

CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2019-07-23 14:15:15
(5 years ago)
Updated Date: 2023-02-02 15:07:52
(19 months ago)

Affected Products

Mozilla

Thunderbird

Configuration #1

		CPE23	From	Up To
	Mozilla Thunderbird prior 60.7.1 version	cpe:2.3:a:mozilla:thunderbird		< 60.7.1