Ref# Mozilla | Date: Jun 17th 2019

---

Description

Mozilla releases several security vulnerability fixes for the Firefox Thunderbird. It is recommended that you take the necessary precautions by ensuring your products are always updated.

Mozilla Foundation Security Advisory 2019-17

Mozilla Release Security updates for Thunderbird includes: 3 High, 1 Low.

High

• CVE-2019-11703: Heap buffer overflow in icalparser.c

https://bugzilla.mozilla.org/show_bug.cgi?id=1553820

• CVE-2019-11704: Heap buffer overflow in icalvalue.c

https://bugzilla.mozilla.org/show_bug.cgi?id=1553814

• CVE-2019-11705: Stack buffer overflow in icalrecur.c

https://bugzilla.mozilla.org/show_bug.cgi?id=1553808

Low

• CVE-2019-11706: Type confusion in icalproperty.c

https://bugzilla.mozilla.org/show_bug.cgi?id=1555646

The Guyana National CIRT recommends that users and administration review these updates and apply them where necessary.

Reference

Microsoft Releases Security Updates for Thunderbird (US-Cert)

https://www.us-cert.gov/ncas/current-activity/2019/06/13/Mozilla-Releases-Security-Update-Thunderbird