16 matches found
RLSA-2025:7435 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...
Oracle Linux 9 : thunderbird (ELSA-2025-7435)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-7435 advisory. 128.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs Tenable has extracted the preceding description block directly from the Orac...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RHEL 8 : thunderbird (RHSA-2025:4649)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4649 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachmen...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
openSUSE Security Advisory (SUSE-SU-2025:1366-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALSA-2025:4229 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...
MozillaThunderbird-128.9.2-1.1 on GA media (moderate)
MozillaThunderbird-128.9.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:15000-1 Rating: moderate Cross-References: CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 CVSS scores: CVE-2025-2830 SUSE : 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2025-2830 SUSE : 4.6...
Slackware: Security Advisory (SSA:2025-105-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...
CVE-2025-2830
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...
CVE-2025-2830 Information Disclosure of /tmp directory listing
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...
CVE-2025-2830 Information Disclosure of /tmp directory listing
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the...
CVE-2025-2830
Thunderbird vulnerability CVE-2025-2830: By crafting a malformed attachment filename in a multipart message, an attacker can coax Thunderbird into exposing a directory listing of /tmp when the message is forwarded or edited as a new message. This can lead to information disclosure from the victim...