CVE-2018-18513

Summary

A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 60.5affected

Weaknesses

  • DOS and crash with crafted S/MIME message or XPI package

ADP Enrichment

CVE Program Container

Additional References

References