Mozilla has resolved a critical vulnerability in the Thunderbird email client which could lead to the execution of arbitrary code by attackers.
The security flaw, CVE-2018-12376, is a memory corruption issue that “with enough effort” could be exploited in order to run arbitrary code, according to Mozilla’s security advisory.
The resolution of the vulnerability is part of the Thunderbird version 60.2.1 update, which also tackled two high-risk bugs, three vulnerabilities issued with a moderate risk rating, and one low-level security flaw.
