Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-0566
HistoryFeb 18, 2022 - 12:00 a.m.

CVE-2022-0566

2022-02-1800:00:00
ubuntu.com
ubuntu.com
24
email
out-of-bounds write
thunderbird
vulnerability
unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

56.1%

It may be possible for an attacker to craft an email message that causes
Thunderbird to perform an out-of-bounds write of one byte when processing
the message. This vulnerability affects Thunderbird < 91.6.1.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchthunderbird< 1:91.7.0+build2-0ubuntu0.18.04.1UNKNOWN
ubuntu20.04noarchthunderbird< 1:91.7.0+build2-0ubuntu0.20.04.1UNKNOWN
ubuntu21.10noarchthunderbird< 1:91.7.0+build2-0ubuntu0.21.10.1UNKNOWN
ubuntu22.04noarchthunderbird< 1:91.6.1+build1-0ubuntu1UNKNOWN
ubuntu22.10noarchthunderbird< 1:91.6.1+build1-0ubuntu1UNKNOWN
ubuntu23.04noarchthunderbird< 1:91.6.1+build1-0ubuntu1UNKNOWN

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

56.1%