3 matches found
thunderbird: File Extension Spoofing using the Text Direction Override Character
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...
Mozilla Thunderbird < 102.13.1
The version of Thunderbird installed on the remote Windows host is prior to 102.13.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2023-28 advisory. - Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly...
UBUNTU-CVE-2023-3417
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This...