14 matches found
EUVD-2022-51432
Malicious code in bioql PyPI...
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked.
...
DEBIAN-CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
UBUNTU-CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
xdg-utils 安全漏洞
xdg-utils is a software from the xdg organization that provides integrated functionality for desktop systems. A security vulnerability exists in xdg-utils xdg-mail that stems from incorrect URL parsing when configured to use thunderbird's mailto URL, which may result in passing additional headers...
CVE-2022-4055
CVE-2022-4055 affects xdg-utils (xdg-mail) when configured to use Thunderbird for mailto URLs; improper parsing can pass extra headers to Thunderbird that should not be included per RFC 2368, enabling a mailto URL that appears safe but attaches files when clicked. The related Nessus advisories (e...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
PT-2022-25412 · Mozilla +4 · Thunderbird +4
Name of the Vulnerable Software and Affected Versions: xdg-mail affected versions not specified Description: The issue arises when xdg-mail is configured to use thunderbird for mailto URLs, leading to improper parsing of the URL. This can result in additional headers being passed to thunderbird...