Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-18509

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird before 60.5.1 as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content.

Source

Severity High

Remote Yes

Type Insufficient validation

Description

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird before 60.5.1 as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content.

AVG-908 thunderbird 60.5.0-1 60.5.1-1 Critical Fixed

20 Feb 2019 ASA-201902-23 AVG-908 thunderbird Critical multiple issues

https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18509
https://bugzilla.mozilla.org/show_bug.cgi?id=1507218

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect