Mozilla Thunderbird is the United States Mozilla Foundation’s set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. An arbitrary code execution vulnerability exists in Mozilla Thunderbird versions prior to 91.6, Firefox versions prior to 97, and Firefox ESR versions prior to 91.6. The vulnerability can be exploited to cause a user to drag and drop an image to their desktop or folder to run arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
mozilla firefox | lt | 97.0 | |
mozilla firefox esr | lt | 91.6 | |
mozilla thunderbird | lt | 91.6 |