Show Navigation
Conversation
Notices
-
Security Vulnerabilities fixed in Thunderbird 78.5.1 — Mozilla
https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/
>CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes
>
>Reporter
> Chiaki Ishikawa
>Impact
> high
>
>Description
>
>When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.