Thunderbird libical Heap Overflow

Posted by deepcore on June 15, 2019 – 12:19 pm

A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Thunderbird libical Stack Buffer Overflow CentOS 7.6 ptrace_scope Privlege Escalation »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Thunderbird libical Heap Overflow

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL