https://threatpost.com/mozilla-patches-critical-bug-in-thunderbird/129244/
Mozilla issued a critical security update to its popular open-source Thunderbird email client. The patch was part of a December release of five fixes that included two bugs rated high and one rated moderate and another low.
Mozilla said Thunderbird, which is also serves as a news, RSS and chat client, the latest Thunderbird 52.5.2 version released last week fixes the vulnerabilities.
The most serious of the fixes is a critical buffer overflow bug (CVE-2017-7845) impacting Thunderbird running on the Windows operating system. The bug is present when "drawing and validating elements with angle library using Direct 3D 9," according to the Mozilla Foundation Security Advisory.
(Score: 0) by Anonymous Coward on Sunday December 31 2017, @12:06PM
Bad journalism. The fifth is the critical buffer overflow mentioned.
Also https://www.mozilla.org/en-US/security/advisories/ [mozilla.org]