6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
43.7%
A vulnerability in Mozilla Thunderbird email client is related to a memory usage error after a
release in the InputStream implementation. Exploitation of the vulnerability could allow an attacker acting
remotely, cause a victim to visit a specially crafted website, trigger a post-release usage error, and execute arbitrary code on the system.
release and execute arbitrary code on the system
A vulnerability in the Mozilla Thunderbird email client is related to a bug in Service Workers. Exploitation
of the vulnerability could allow an attacker acting remotely to obtain information about the presence or length of a
of a media file, using media timing information from different sources combined with queries of the
range
A vulnerability in the Mozilla Thunderbird email client involves incorrect handling of a series of calls to popup and
window.print(). Exploitation of the vulnerability could allow an attacker acting remotely to force the
the browser into full screen mode without the user seeing the notification prompt, which could lead to user confusion or
could lead to user confusion or spoofing attacks
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | thunderbird | <= 102.5.0-1 | UNKNOWN |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
43.7%