Описание
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2023:4495 | 07.08.2023 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2023:4497 | 07.08.2023 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2023:4492 | 07.08.2023 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | thunderbird | Fixed | RHSA-2023:4496 | 07.08.2023 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | thunderbird | Fixed | RHSA-2023:4496 | 07.08.2023 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2023:4496 | 07.08.2023 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | thunderbird | Fixed | RHSA-2023:4500 | 07.08.2023 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | thunderbird | Fixed | RHSA-2023:4500 | 07.08.2023 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2023:4500 | 07.08.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.
Thunderbird allowed the Text Direction Override Unicode Character in f ...
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1.
Уязвимость почтового клиента Thunderbird, существующая из-за неправильной обработки символа Unicode для переопределения направления текста в именах файлов, позволяющая нарушителю проводить спуфинг-атаки
EPSS
7.5 High
CVSS3