Thunderbird, an email client used by Mozilla Firefox, just recently had a host of vulnerabilities patched in its 60.3 version. These were memory safety bugs that affected Thunderbird, Firefox, and Firefox ESR. Mozilla had this to say, regarding the bugs:
"Some of the bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code."
Mozilla has fixed all of the bugs in Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3 respectively.
There were other flaws that were discovered:
CVE-2018-12391
CVE-2018-12392
CVE-2018-12393
In short, Mozilla had this to say:
"In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts."
Alright, that was news folks, enjoy and have a good week.
-----Sh7nk-Z0id
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011