The vulnerability of Thunderbird email client, Firefox and Firefox ESR browsers, arises from improper validation of an empty sequence “pkcs7” when it is transmitted as part of the certificate data. This allows attackers to execute a DoS (Denial-of-Service) attack.
The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to improper validation of an empty pkcs7 sequence that is transmitted as part of the certificate data. Exploiting this vulnerability allows a remote attacker to send a specially crafted...