Описание
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| thunderbird | fixed | 1:78.10.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/#CVE-2021-29948
EPSS
Связанные уязвимости
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
Уязвимость почтового клиента Thunderbird, вызванная ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS