Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.21 views

CentOS 7 : thunderbird (RHSA-2020:2906)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2906 advisory. - Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially...

9.3CVSS7.8AI score0.03034EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.30 views

CentOS 6 : thunderbird (RHSA-2020:2966)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2966 advisory. - Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This...

9.3CVSS7.8AI score0.03034EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.2 views

SUSE CVE-2020-15646

If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This...

7.5CVSS8.8AI score0.00961EPSS
Exploits0References3
OSV
OSV
added 2020/10/08 2:15 p.m.1 views

DEBIAN-CVE-2020-15646

If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This...

5.9CVSS5.8AI score0.00961EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/14 11:37 a.m.3 views

Mozilla: Automatic account setup leaks Microsoft Exchange login credentials

If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This...

5.9CVSS7.4AI score0.00961EPSS
Exploits0References5
Rows per page
Query Builder