Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-3417
HistoryJul 24, 2023 - 11:15 a.m.

Privilege escalation

2023-07-2411:15:00
PRIOn knowledge base
www.prio-n.com
247
privilege escalation
thunderbird
unicode character
vulnerability
file extension

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.6%

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.