Lucene search

K
kasperskyKaspersky LabKLA61042
HistorySep 28, 2023 - 12:00 a.m.

KLA61042 DoS vulnerability in Mozilla Thunderbird

2023-09-2800:00:00
Kaspersky Lab
threats.kaspersky.com
6
mozilla thunderbird
dos
heap buffer overflow
public exploits
affected version
update
cve-2023-5217

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.248

Percentile

96.7%

Heap buffer overflow vulnerability was found in Mozilla Thunderbird. Malicious users can exploit this vulnerability to cause denial of service.

Original advisories

MFSA2023-44

Exploitation

Public exploits exist for this vulnerability.

Related products

Mozilla-Thunderbird

CVE list

CVE-2023-5217 critical

Solution

Update to the latest version

Download Thunderbird

Impacts

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Mozilla Thunderbird earlier than 115.3.1

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.248

Percentile

96.7%