Searching
..

Click anywhere to stop

KLA19266
Multiple vulnerabilities in Mozilla Thunderbird

Updated: 01/25/2024
Detect date
?
09/28/2022
Severity
?
High
Description

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Data corruption vulnerability in matrix-js-sdk can be exploited via specially crafted message to cause denial of service.
  2. An elevation of privilege vulnerability in matrix-js-sdk can be exploited remotely to gain privileges or execute arbitrary code.
  3. Device verification vulnerability in matrix-js-sdk can be exploited remotely to gain privileges or execute arbitrary code.
Affected products

Mozilla Thunderbird earlier than 102.3.1

Solution

Update to the latest version
Download Thunderbird

Original advisories

MFSA2022-43

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
Mozilla Thunderbird
CVE-IDS
?
CVE-2022-392365.3High
CVE-2022-392517.5Critical
CVE-2022-392507.5Critical
CVE-2022-392497.5Critical
Find out the statistics of the vulnerabilities spreading in your region