USN-5972-1: Thunderbird vulnerabilities

Read Time:36 Second

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-25152, CVE-2023-28162,
CVE-2023-28176)

Lukas Bernhard discovered that Thunderbird did not properly manage memory
when invalidating JIT code while following an iterator. An attacker could
potentially exploits this issue to cause a denial of service.
(CVE-2023-25751)

Luan Herrera discovered that Thunderbird did not properly manage
cross-origin iframe when dragging a URL. An attacker could potentially
exploit this issue to perform spoofing attacks. (CVE-2023-28164)

Generated by Feedzy

Cyber Security News

Friday Squid Blogging: Light-Emitting Squid

University of Manchester Suffers Suspected Data Breach During Cyber Incident

Barracuda: Immediately rip out and replace our security hardware

Google launches Secure AI Framework to help secure AI technology

Barracuda Urges Swift Replacement of Vulnerable ESG Appliances

Operation Triangulation: Zero-Click iPhone Malware

Google Launches Framework to Secure Generative AI

Security Experts Highlight Exploit for Patched Windows Flaw

Pros and Cons of AI in Daily Life

USN-5972-1: Thunderbird vulnerabilities

kernel-6.3.7-100.fc37

kernel-6.3.7-200.fc38

chromium-114.0.5735.106-1.fc38

chromium-114.0.5735.106-1.el8

chromium-114.0.5735.106-1.fc37

chromium-114.0.5735.106-1.el9