8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
59.9%
Mozilla Thunderbird email client vulnerability is related to a boundary error in FileReader::DoReadData()
when reading a file. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system.
memory corruption and execute arbitrary code on the target system.
A vulnerability in Mozilla Thunderbird email client is related to incorrect processing of user data.
data. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the address line using a datalist element.
address bar using a datalist element.
A vulnerability in the Mozilla Thunderbird email client is related to the ms-cxh and ms-cxh-full protocol handlers.
Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial-of-service attack.
denial of service
A vulnerability in the Mozilla Thunderbird email client is related to a boundary condition in the RLBox Expat driver.
Exploitation of the vulnerability could allow a remote attacker to trick the victim into
to open a specially crafted website, cause a read error outside of the boundary condition, and crash the
browser crash.
The vulnerability in the Mozilla Thunderbird email client is related to boundary errors in content processing
HTML, an attacker could trick the victim into opening a specially crafted website, cause a
memory corruption and execute arbitrary code on the target system. Exploitation of the vulnerability could
allow an attacker acting remotely to cause a complete compromise of a vulnerable system.
A vulnerability in the Mozilla Thunderbird email client is related to a type mixing error in the processing of HTML content.
HTML content. Exploitation of the vulnerability could allow a remote attacker to trick a victim into opening a specially crafted web site.
a victim to open a specially crafted website, causing a type-mixing error and causing the browser to crash.
browser crash.
A vulnerability in the Mozilla Thunderbird email client is related to incorrect processing of user
data, an attacker can hide browser prompts and perform a spoofing attack. Exploitation
vulnerability could allow a remote attacker to perform a spoofing attack.
A vulnerability in the Mozilla Thunderbird email client is related to the lack of delayed pop-up notifications.
Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into
to grant permissions.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | thunderbird | <= 102.11.0-1 | UNKNOWN |