1. Home
  2. Security Advisories
  3. Mozilla
  4. MFSA-2023-43

[MFSA-2023-43] Security Vulnerabilities fixed in Thunderbird 115.3

Severity High
Affected Packages 1
Fixed Packages 1
CVEs 5
Info Packages References Vulnerabilities

In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.

  • CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 (high)
    A compromised content process could have provided malicious data to <code>FilterNodeD2D1</code> resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.
    This bug only affects Firefox on Windows. Other operating systems are unaffected.

  • CVE-2023-5169: Out-of-bounds write in PathOps (high)
    A compromised content process could have provided malicious data in a <code>PathRecording</code> resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.

  • CVE-2023-5171: Use-after-free in Ion Compiler (high)
    During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash.

  • CVE-2023-5174: Double-free in process spawning on Windows (moderate)
    If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
    This bug only affects Firefox on Windows when run in non-standard configurations (such as using <code>runas</code>). Other operating systems are unaffected.

  • CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (high)
    Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Package Affected Version
pkg:mozilla/Thunderbird < 115.3
Package Fixed Version
pkg:mozilla/Thunderbird = 115.3
ID
MFSA-2023-43
Severity
high
URL
https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
Published
2023-09-26T00:00:00
(11 months ago)
Modified
2023-09-26T00:00:00
(11 months ago)
Other Advisories
Source # ID Name URL
Bugzilla 1846683 https://bugzilla.mozilla.org/show_bug.cgi?id=1846683
Bugzilla 1846685 https://bugzilla.mozilla.org/show_bug.cgi?id=1846685
Bugzilla 1851599 https://bugzilla.mozilla.org/show_bug.cgi?id=1851599
Bugzilla 1848454 https://bugzilla.mozilla.org/show_bug.cgi?id=1848454
Bugzilla 1836353 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1836353
Bugzilla 1842674 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1842674
Bugzilla 1843824 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1843824
Bugzilla 1843962 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1843962
Bugzilla 1848890 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1848890
Bugzilla 1850180 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1850180
Bugzilla 1850983 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1850983
Bugzilla 1851195 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://bugzilla.mozilla.org/show_bug.cgi?id=1851195
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:mozilla/Thunderbird Thunderbird < 115.3
Fixed pkg:mozilla/Thunderbird Thunderbird = 115.3
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date