Candidate: CVE-2018-18513
PublicDate: 2019-04-26 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18513
 https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18513
 https://bugzilla.mozilla.org/show_bug.cgi?id=1533300
 https://www.mozilla.org/security/advisories/mfsa2019-03/
Description:
 A crash can occur when processing a crafted S/MIME message or an XPI
 package containing a crafted signature. This can be used as a
 denial-of-service (DOS) attack because Thunderbird reopens the last seen
 message on restart, triggering the crash again. This vulnerability affects
 Thunderbird < 60.5.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_thunderbird:
upstream_thunderbird: released (1:60.5.0-1)
precise/esm_thunderbird: DNE
trusty/esm_thunderbird: DNE
xenial_thunderbird: not-affected (1:60.6.1+build2-0ubuntu0.16.04.1)
esm-infra/xenial_thunderbird: not-affected (1:60.6.1+build2-0ubuntu0.16.04.1)
bionic_thunderbird: not-affected (1:60.6.1+build2-0ubuntu0.18.04.1)
cosmic_thunderbird: not-affected
disco_thunderbird: not-affected
devel_thunderbird: not-affected