Spoofing

2018-06-1121:29:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

JSON

It is possible to spoof the sender’s email address and display an arbitrary sender address to the email recipient. The real sender’s address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq17.10
debian_linuxeq8.0
debian_linuxeq7.0
debian_linuxeq9.0
thunderbirdlt52.5.2
enterprise_linux_auseq7.4
enterprise_linux_desktopeq7.0
enterprise_linux_desktopeq6.0

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	17.10
debian_linux	eq	8.0
debian_linux	eq	7.0
debian_linux	eq	9.0
thunderbird	lt	52.5.2
enterprise_linux_aus	eq	7.4
enterprise_linux_desktop	eq	7.0
enterprise_linux_desktop	eq	6.0