Multiple vulnerabilities in Mozilla Thunderbird
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 13 |
| CVE-ID | CVE-2023-25728 CVE-2023-25730 CVE-2023-0767 CVE-2023-25735 CVE-2023-25737 CVE-2023-25738 CVE-2023-25739 CVE-2023-25729 CVE-2023-25732 CVE-2023-25734 CVE-2023-25742 CVE-2023-25746 CVE-2023-0616 |
| CWE-ID | CWE-200 CWE-451 CWE-787 CWE-416 CWE-704 CWE-125 CWE-357 CWE-254 CWE-20 CWE-119 CWE-399 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Mozilla Thunderbird Client/Desktop applications / Messaging software |
| Vendor | Mozilla |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU72248
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25728
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the Content-Security-Policy-Report-Only header can leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. A remote attacker can gain access to potentially sensitive information.
Install update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Spoofing attack
EUVDB-ID: #VU72249
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25730
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to the possibility of screen hijacking. A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds write
EUVDB-ID: #VU72250
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0767
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing PKCS 12 Safe Bag attributes. A remote attacker can create a specially crafted PKCS 12 cert bundle, trick the victim into loading it, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU72251
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25735
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in SpiderMonkey when in the way cross-compartment wrappers wrapping a scripted proxy. A remote attacker can execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Type conversion
EUVDB-ID: #VU72252
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25737
CWE-ID:
CWE-704 - Type conversion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an invalid downcast from nsTextNode to SVGElement in SVGUtils::SetupStrokeGeometry(). A remote attacker can trigger type conversion error and potentially execute arbitrary code.
Install update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU72253
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25738
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a missing validation of members of the DEVMODEW struct set by the printer device driver while printing web page in Windows. A remote attacker can trick the victim to print a specially crafted web page and crash the browser.
Note, the vulnerability affects Windows installations only.
Install update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use-after-free
EUVDB-ID: #VU72254
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25739
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in mozilla::dom::ScriptLoadContext::~ScriptLoadContext(). Module load requests that failed were not being checked as to whether or not they were cancelled in ScriptLoadContext. A remote attacker can trick the victim to visit a specially crafted web page, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Insufficient UI Warning of Dangerous Operations
EUVDB-ID: #VU72255
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25729
CWE-ID:
CWE-357 - Insufficient UI Warning of Dangerous Operations
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to missing permissions prompts for opening external schemes were only shown for ContentPrincipals. A malicious extension can open external schemes without user interaction via ExpandedPrincipals and perform other potentially dangerous actions, such as downloading files or interacting with software already installed on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds write
EUVDB-ID: #VU72256
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25732
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within EncodeInputStream when encoding data from an inputStream in xpcom. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Security features bypass
EUVDB-ID: #VU72257
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25734
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error when handling Windows .url shortcuts that are opened by the browser from the local filesystem. A remote attacker can trick the victim into launching a specially crafted shortcut that then initiates network requests from the operating system to the malicious server. A remote attacker can obtain potentially sensitive information including NTLM credentials.
Note, the vulnerability affects Windows installations only.
Install update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Input validation error
EUVDB-ID: #VU72263
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25742
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in Web Crypto ImportKey when importing SPKI RSA public key as ECDSA P-256. A remote attacker can trick the victim to import the public key and crash the browser tab.
Install update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Buffer overflow
EUVDB-ID: #VU72266
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25746
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing web content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Resource management error
EUVDB-ID: #VU72329
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0616
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application. If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsMozilla Thunderbird: 102.0 - 102.7.2
External linkshttp://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
