38 matches found
Astra Linux - уязвимость в thunderbird
When receiving an email message signed with OpenPGP/MIME and containing an additional outer MIME message layer, such as a message footer added by a mailing list gateway, Thunderbird only considers the signed inner message for signature validity. This creates the false impression that the addition...
EUVD-2017-16264
Malware in sbrugna...
RHEL 8 : thunderbird (RHSA-2024:0004)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0004 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:0044-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0044-1 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature...
AlmaLinux 9 : thunderbird (ALSA-2024:0001)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0001 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not...
Oracle Linux 9 : thunderbird (ELSA-2024-0001)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0001 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Update to 115.6.0 build2 Tenable has extracted...
Mozilla: Truncated signed text was shown with a valid OpenPGP signature
The Mozilla Foundation Security Advisory: When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header...
RHEL 8 : thunderbird (RHSA-2024:0028)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0028 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
RHEL 8 : thunderbird (RHSA-2024:0003)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0003 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
RHEL 8 : thunderbird (RHSA-2024:0005)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0005 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6563-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6563-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
Oracle Linux 7 : thunderbird (ELSA-2024-0027)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0027 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.6.0-1 - Update to...
RHEL 9 : thunderbird (RHSA-2024:0029)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0029 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
CentOS 7 : thunderbird (RHSA-2024:0027)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0027 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not...
RHEL 9 : thunderbird (RHSA-2024:0001)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0001 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
[SECURITY] [DLA 3698-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3698-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 29, 2023 https://wiki.debian.org/LTS -...
Email Spoofing
Thunderbird is vulnerable to Email Spoofing. The vulnerability is caused because when processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user as the text was interpreted as a MIME message and the first paragraph was always...
Fedora 39 : thunderbird (2023-7dee358171)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7dee358171 advisory. Update to 115.6.0 ; - https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/ -...
[SECURITY] [DSA 5582-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5582-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 21, 2023 https://www.debian.org/security/faq -...
SUSE CVE-2023-50762
When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a...