Astra Linux – Vulnerability in Thunderbird
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses before the STARTTLS handshake was completed, then Thunderbird did not ignore the injected data. This could result in Thunderbird displaying incorrect information. For example, the...