CVE-2022-45414

Published: 22/12/2022 Updated: 08/08/2023
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targeting releases that did not yet have a fix for CVE-2022-3033, which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.
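For mail-gateway or mailbox triage, the two constructs named in the summary can be flagged before a message reaches an unpatched client. The following is an added example, not code from the advisory or from Mozilla; the names `scan_message`, `is_remote` and `RemoteRefFinder` are hypothetical, and the sample message is constructed.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag/attribute pairs named in the CVE-2022-45414 summary.
WATCHED = {"video": "poster", "object": "data"}

def is_remote(url):
    """True for http(s) and scheme-relative URLs that name a network host."""
    try:
        parsed = urlparse(url.strip())
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return False
    return bool(parsed.netloc) and parsed.scheme in ("", "http", "https")

class RemoteRefFinder(HTMLParser):
    """Collects (tag, attribute, url) for watched attributes with remote URLs."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        wanted = WATCHED.get(tag)  # HTMLParser lowercases tag and attribute names
        for name, value in attrs:
            if wanted and name == wanted and value and is_remote(value):
                self.hits.append((tag, name, value.strip()))

def scan_message(raw):
    """Return remote VIDEO/POSTER and OBJECT/DATA references in text/html parts."""
    hits = []
    for part in message_from_string(raw, policy=default).walk():
        if part.get_content_type() == "text/html":
            finder = RemoteRefFinder()
            finder.feed(part.get_content())
            finder.close()
            hits.extend(finder.hits)
    return hits

# Constructed sample message; hosts and addresses are placeholders.
SAMPLE = """\
From: sender@example.com
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><VIDEO POSTER="https://tracker.example/p.png"></VIDEO>
<object data="//tracker.example/o"></object>
<video poster="cid:inline-image"></video></body></html>
"""

if __name__ == "__main__":
    for hit in scan_message(SAMPLE):
        print(hit)
```

Inline `cid:` and `data:` references are not reported because they do not cause a network request to a remote host.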

Vulnerable Product

mozilla thunderbird

Vendor Advisories

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. For the stable distribution (bullseye), this problem has been fixed in version 1:102.6.0-1~deb11u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please ...
Synopsis: Important: thunderbird security update. Type/Severity: Security Advisory: Important. Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security ...
Synopsis: Important: thunderbird security update. Type/Severity: Security Advisory: Important. Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security ...
Synopsis: Important: thunderbird security update. Type/Severity: Security Advisory: Important. Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as h ...
Synopsis: Important: thunderbird security update. Type/Severity: Security Advisory: Important. Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux ...
Synopsis: Important: thunderbird security update. Type/Severity: Security Advisory: Important. Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product ...
Synopsis: Important: thunderbird security update. Type/Severity: Security Advisory: Important. Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as h ...
An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9. (CVE-2021-4127) Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported ...
Mozilla Foundation Security Advisory 2022-50: Security Vulnerabilities fixed in Thunderbird 102.5.1. Announced: November 30, 2022. Impact: moderate. Products: Thunderbird. Fixed in: Thunderbird 102.5.1 ...
Description: This CVE is under investigation by Red Hat Product Security ...