Published: 24/06/2021 Updated: 30/06/2021

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 2.5 | Impact Score: 1.4 | Exploitability Score: 1

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla thunderbird

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure In adddition a number of security issues were addressed in the OpenPGP support For the stable distribution (buster), these problems have been fixed in version 1:78100-1~deb10u1 We recommend that you upgrade y ...

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine This vulnerability affects Firefox < 85 (CVE-2021-23991) (CVE-2021-23992) (CVE-2021-23961) (CVE-2021-23993) (CVE-2021-23994) (CVE-2021-23995) (CVE- ...

Mozilla Foundation Security Advisory 2021-14 Security Vulnerabilities fixed in Thunderbird 7810 Announced April 19, 2021 Impact high Products Thunderbird Fixed in Thunderbird 7810 ...

A security issue has been found in Thunderbird before version 7810 Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file ...

CWE-362 https://www.mozilla.org/security/advisories/mfsa2021-14/https://bugzilla.mozilla.org/show_bug.cgi?id=1692899 https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4897

CVE-2021-29948

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect