Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions. This bug only affects Thunderbird for Linux on certain Distributions. desktop, which can be interpreted to run attacker-controlled commands. Thunderbird did not properly handle downloads of files ending in. #CVE-2023-29541: Files with malicious extensions could have been downloaded unsafely on Linux Reporter Ameen Basha M K Impact moderate Description This could have led to reflected file download attacks potentially tricking users to install malware. When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. #CVE-2023-29539: Content-Disposition filename truncation leads to Reflected File Download Reporter Trung Pham Impact moderate Description The issue was discovered using Google's oss-fuzz. #CVE-2023-29479: Hang when processing certain OpenPGP messages Reporter Ribose RNP Team Impact moderate DescriptionĬertain malformed OpenPGP messages could trigger incorrect parsing of PKESK/SKESK packets due to a bug in the Ribose RNP library used by Thunderbird up to version 102.9.1, which would cause the Thunderbird user interface to hang. Thunderbird versions from 68 to 102.9.1 were affected by this bug. OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. #CVE-2023-0547: Revocation status of S/Mime recipient certificates was not checked Reporter Paul Menzel Impact high Description #CVE-2023-29536: Invalid free from JavaScript code Reporter zx from qriousec Impact high DescriptionĪn attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This resulted in memory corruption and a potentially exploitable crash. #CVE-2023-29535: Potential Memory Corruption following Garbage Collector compaction Reporter Lukas Bernhard Impact high Descriptionįollowing a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. #CVE-2023-1999: Double-free in libwebp Reporter Irvan Kurniawan Impact high DescriptionĪ double-free in libwebp could have led to memory corruption and a potentially exploitable crash. This could have led to user confusion and possible spoofing attacks. #CVE-2023-29533: Fullscreen notification obscured Reporter Irvan Kurniawan Impact high DescriptionĪ website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. Other operating systems are not affected. Note: This attack requires local system access and only affects Windows. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. #CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass Reporter Holger Fuhrmannek Impact high DescriptionĪ local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. This bug only affects Thunderbird for macOS. #CVE-2023-29531: Out-of-bound memory access in WebGL on macOS Reporter DoHyun Lee Impact high DescriptionĪn attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. Mozilla Foundation Security Advisory 2023-15 Security Vulnerabilities fixed in Thunderbird 102.10 Announced ApImpact high Products Thunderbird Fixed in
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |