Описание
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
Отчет
Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | thunderbird-flatpak-container | Affected | ||
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 9 | thunderbird-flatpak-container | Affected | ||
| Red Hat Enterprise Linux 10 | thunderbird | Fixed | RHSA-2025:7507 | 13.05.2025 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2025:4649 | 07.05.2025 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | thunderbird | Fixed | RHSA-2025:4389 | 30.04.2025 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | thunderbird | Fixed | RHSA-2025:4654 | 07.05.2025 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | thunderbird | Fixed | RHSA-2025:4654 | 07.05.2025 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2025:4654 | 07.05.2025 |
Показывать по
Дополнительная информация
Статус:
6.1 Medium
CVSS3
Связанные уязвимости
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
By crafting a malformed file name for an attachment in a multipart mes ...
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
Уязвимость почтового клиента Thunderbird, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю раскрыть защищаемую информацию
6.1 Medium
CVSS3