Описание
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1:60.6.1+build2-0ubuntu0.18.04.1 |
| cosmic | not-affected | |
| devel | not-affected | |
| disco | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty/esm | DNE | |
| upstream | released | 1:60.5.0-1 |
| xenial | not-affected | 1:60.6.1+build2-0ubuntu0.16.04.1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.
A crash can occur when processing a crafted S/MIME message or an XPI p ...
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3