Lucene search
MozillaVULNRICHMENT:CVE-2024-1936HistoryMar 04, 2024 - 9:31 p.m.
CVE-2024-1936
2024-03-0421:31:54
mozilla
github.com
4
email security
message contamination
thunderbird.
The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird’s local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects Thunderbird < 115.8.1.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"
],
"vendor": "mozilla",
"product": "thunderbird",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "115.8.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0054)
2024-03-12 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-11) - Windows
2024-03-11 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-11) - Mac OS X
2024-03-11 00:00:00
nessus
nessus
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2024-065-01)
2024-03-05 00:00:00
Fedora 40 : thunderbird (2024-d8a0e599e2)
2024-04-29 00:00:00
Fedora 38 : thunderbird (2024-325c1d1fce)
2024-03-13 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2024-03-05 21:23:09
prion
prion
Design/Logic Flaw
2024-03-04 22:15:00
amazon
amazon
Low: thunderbird
2024-03-13 20:26:00
redhatcve
redhatcve
CVE-2024-1936
2024-03-06 13:42:35
kaspersky
kaspersky
KLA64752 OSI vulnerability in Mozilla Thunderbird
2024-03-04 00:00:00
ubuntucve
ubuntucve
CVE-2024-1936
2024-03-04 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.8.1 — Mozilla
2024-03-04 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerability and make improvements
2024-03-12 03:30:17
nvd
nvd
CVE-2024-1936
2024-03-04 22:15:46
cvelist
cvelist
CVE-2024-1936
2024-03-04 21:31:54
debiancve
debiancve
CVE-2024-1936
2024-03-04 22:15:46
veracode
veracode
Sensitive Information Exposure
2024-03-10 02:43:19
cve
cve
CVE-2024-1936
2024-03-04 22:15:46
oraclelinux
oraclelinux
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-25 00:00:00
redhat
redhat
(RHSA-2024:1499) Moderate: thunderbird security update
2024-03-25 18:34:00
(RHSA-2024:1500) Moderate: thunderbird security update
2024-03-25 18:46:38
(RHSA-2024:1496) Moderate: thunderbird security update
2024-03-25 18:33:37
osv
osv
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-27 04:34:32
almalinux
almalinux
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
rocky
rocky
thunderbird security update
2024-03-27 04:34:32
centos
centos
thunderbird security update
2024-04-03 14:01:39
debian
debian
[SECURITY] [DLA 3769-1] thunderbird security update
2024-03-23 11:22:35
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-03-04 00:00:00
AI Score
5.8
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-1936