CVE-2023-0430

Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird 102.7.1...

CentOS 7 : thunderbird (RHSA-2023:0600)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0600 advisory. - Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a val...

Debian DSA-5355-1 : thunderbird - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5355 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution...

USN-5824-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

RHEL 9 : thunderbird (RHSA-2023:0607)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0607 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: Revocati...

RHEL 8 : thunderbird (RHSA-2023:0602)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0602 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: Revocati...

RHEL 9 : thunderbird (RHSA-2023:0608)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0608 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: Revocati...

Fedora 37 : thunderbird (2023-97a977a96a)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-97a977a96a advisory. Update to 102.7.1 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/ ;...

CVE-2023-0430

The Mozilla Foundation Security Advisory describes this flaw as: Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by thi...

Mozilla Thunderbird Security Advisory (MFSA2023-04) - Windows

Thunderbird is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Thunderbird Security Advisory (MFSA2023-04) - Mac OS X

Thunderbird is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...