When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5.
{ "binaries": [ { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "thunderbird" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "thunderbird-dev" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "thunderbird-gnome-support" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "thunderbird-mozsymbols" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "xul-ext-calendar-timezones" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "xul-ext-gdata-provider" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.16.04.2", "binary_name": "xul-ext-lightning" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "thunderbird" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "thunderbird-dev" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "thunderbird-gnome-support" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "thunderbird-mozsymbols" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "xul-ext-calendar-timezones" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "xul-ext-gdata-provider" }, { "binary_version": "1:68.7.0+build1-0ubuntu0.18.04.1", "binary_name": "xul-ext-lightning" } ], "availability": "No subscription required" }