Veracode Vulnerability Database: VERACODE:44796
History: Dec 23, 2023 - 10:40 p.m.

Email Spoofing

2023-12-23 22:40:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
email spoofing
thunderbird
vulnerability
pgp/mime
digitally signed text
mime message
email header section
git commit

CVSS3: 4.3 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score: 6.4 Medium (Confidence: Low)

EPSS: 0.001 Low (Percentile: 19.6%)

Thunderbird is vulnerable to email spoofing. When processing a PGP/MIME payload that contains digitally signed text, Thunderbird interpreted the text as a MIME message and always treated its first paragraph as an email header section, so the first paragraph was never shown to the user. As a result, digitally signed text from a different context, such as a signed Git commit, could be used to spoof an email message.
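
An added example, not code from Thunderbird or from the Veracode entry: a Python check of whether the first paragraph of a signed payload is a real MIME header section, and what would remain visible if that paragraph were consumed as headers. The function names, the constructed samples, and the requirement that a genuine signed part carry a Content-Type field are assumptions of this example.

```python
import re

# Header field line: a name of printable ASCII (no space, no colon), then ":".
FIELD = re.compile(rb"^[\x21-\x39\x3b-\x7e]+:")
FOLDED = re.compile(rb"^[ \t]+\S")  # continuation of the previous field

# Constructed samples (not taken from the advisory).
GIT_LIKE = (
    b"tree 0000000000000000000000000000000000000000\n"
    b"author Example Dev <dev@example.org> 1700000000 +0000\n"
    b"committer Example Dev <dev@example.org> 1700000000 +0000\n"
    b"\n"
    b"Fix typo in README\n"
)
MIME_PART = (
    b"Content-Type: text/plain; charset=utf-8\r\n"
    b"Content-Transfer-Encoding: 7bit\r\n"
    b"\r\n"
    b"Hello, this is the signed body.\r\n"
)


def split_first_paragraph(payload: bytes):
    """Split at the first empty line, as a MIME header/body split would."""
    lines = payload.replace(b"\r\n", b"\n").split(b"\n")
    cut = lines.index(b"") if b"" in lines else len(lines)
    return lines[:cut], lines[cut + 1:]


def audit_signed_payload(payload: bytes) -> dict:
    """Report whether the first paragraph is a real header section."""
    first, rest = split_first_paragraph(payload)
    names, bad, prev_ok = set(), [], False
    for line in first:
        if FIELD.match(line):
            names.add(line.split(b":", 1)[0].lower())
            prev_ok = True
        elif not (prev_ok and FOLDED.match(line)):
            bad.append(line.decode("utf-8", "replace"))
            prev_ok = False
    return {
        # Assumption: a genuine signed part carries a Content-Type field.
        "is_mime_entity": bool(first) and not bad and b"content-type" in names,
        "non_header_lines": bad,  # text a header-style parse would not display
        "body_if_first_paragraph_dropped":
            b"\n".join(rest).decode("utf-8", "replace").strip("\n"),
    }


if __name__ == "__main__":
    for name, sample in (("git-like", GIT_LIKE), ("mime", MIME_PART)):
        print(name, audit_signed_payload(sample))
```

A payload that reports `is_mime_entity` as false carries a valid signature over text that was not written as an email part, so the signature says nothing about the message a mail client would render from it.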
