James Grant

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.7 Firefox ESR versions prior to 52.7 Firefox versions prior to 59 **Description** The issue is related to a lack of parameter validation on IPC messages, which can result in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. **Recommendations** For Thunderbird versions prior to 52.7, update to version 52.7 or later. For Firefox ESR versions prior to 52.7, update to version 52.7 or later. For Firefox versions prior to 59, update to version 59 or later.