Mozilla Thunderbird CVE-2014-1544 Vulnerability

description-logoDescription

Security researchers Tyson Smith and Jesse Schwartzentruber used the Address Sanitizer tool while fuzzing to discover a use-after-free error resulting in a crash. This is a result of a pair of NSSCertificate structures being added to a trust domain and then one of them is removed while they are still in use by the trusted cache. This crash is potentially exploitable.

affected-products-logoAffected Applications

Thunderbird

CVE References

CVE-2014-1544