USN-4736-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, or execute arbitrary code. (CVE-2020-26976,
CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964)

It was discovered that responses received during the plaintext phase of
the STARTTLS connection setup were subsequently evaluated during the
encrypted session. A person in the middle could potentially exploit this
to perform a response injection attack. (CVE-2020-15685)

Smash a Button
[Total: 0 Average: 0]
Get PDFPrint This
About Me: I'm just some retired dude with a little bit more free time on my hands. If you want to support the site, why not help yourself out too by ordering some inexpensive web hosting so that you can start your own site?

Related posts:

  1. USN-4734-1: wpa_supplicant and hostapd vulnerabilities
  2. USN-4734-2: wpa_supplicant and hostapd vulnerabilities
  3. USN-4717-2: Firefox regression

Author: Admin

I'm a retired mathematician that has a fondness for Linux and many (not all) things tech. I'm an old-school geek that just enjoys the life he has. I live in a very, very rural area of Maine.

Leave a Reply

Your email address will not be published. Required fields are marked *

Linux Tips

This work is licensed under a Creative Commons Attribution 4.0 International License.
SITEMAP
Exit mobile version