Korean
<< Back
VID 28968
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The version of Thunderbird installed on the remote Windows host is prior to 147.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2026-11 advisory.

- Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2. (CVE-2026-2447)

* References:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-11/

* Platforms Affected:
Mozilla Foundation, Thunderbird versions prior to 147.0.2
Any operating system Any version
Recommendation Upgrade to the latest version of Thunderbird (147.0.2 or later), available from the Mozilla Web site at http://www.mozilla.com/thunderbird/
Related URL CVE-2026-2447 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)