Lucene search

K
redosRedosROS-20230908-08
HistorySep 08, 2023 - 12:00 a.m.

ROS-20230908-08

2023-09-0800:00:00
redos.red-soft.ru
8
thunderbird email client
unicode character
handling
file names
remote exploitation
spoofing attacks
vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

20.4%

A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to
to override text direction in file names. Exploitation of the vulnerability could allow an attacker,
acting remotely to conduct spoofing attacks.

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64thunderbird<= 102.14.0-1UNKNOWN

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

20.4%