Gentoo update for Mozilla Thunderbird

1) Spoofing attack

EUVDB-ID: #VU78541

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3417

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of the Text Direction Override Unicode Character in filenames. A remote attacker can show a potentially dangerous email attachment as a document file.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU78067

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-3600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error during the worker lifecycle when processing HTML content. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Origin validation error

EUVDB-ID: #VU78845

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-4045

CWE-ID: CWE-346 - Origin Validation Error

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper tracking of cross-origin tainting in Offscreen Canvas. A remote attacker can violation the same-origin policy and access image data from another website.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) State Issues

EUVDB-ID: #VU78846

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4046

CWE-ID: CWE-371 - State Issues

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to usage of incorrect values during WASM compilation, resulting in a state value to be used for a global variable in WASM JIT analysis in the content process. A remote attacker can trick the victim into opening a malicious web page and execute arbitrary code on the system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU78847

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-4047

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to perform clickjacking attacks.

The vulnerability exists due to an error in popup notifications delay calculation. A remote attacker can trick the victim into granting permissions.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Resource exhaustion

EUVDB-ID: #VU78848

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-4048

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when parsing HTML with DOMParser. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU78849

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4049

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when releasing platform objects. A remote attacker can trick the victim to open a specially crafted web page, trigger a race condition and execute arbitrary code.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Stack-based buffer overflow

EUVDB-ID: #VU78850

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4050

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in StorageManager when processing an untrusted input stream. A remote attacker can trick the victim to open a specially crafted website, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU78851

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4051

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when displaying the full screen notification by using the file open dialog. A remote attacker can trick the victim into clocking on the file open dialog and perform spoofing attack.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Insecure Inherited Permissions

EUVDB-ID: #VU78852

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4052

CWE-ID: CWE-277 - Insecure inherited permissions

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to Firefox uninstaller follows symbolic links when removing files from directory created by the application updater that is writable by non-privileged users. A local user can create symbolic links to critical files on the system and delete them when uninstalling Firefox.

Note, the vulnerability affects Windows installations only.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU78853

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4053

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due an error when handling full screen notifications. A malicious website can obscure the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL, and perform spoofing attack.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU78854

Risk: Medium

CVSSv4.0: 4.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-4054

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a missing warning when opening appref-ms files. A remote attacker can trick the victim to open a malicious appref-ms file and compromise the affected system.

Note, the vulnerability affects Windows installations only.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) State Issues

EUVDB-ID: #VU78855

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4055

CWE-ID: CWE-371 - State Issues

Exploit availability: No

The vulnerability allows a remote attacker to tamper with HTTP requests.

The vulnerability exists due to a cookie jar overflow when the number of cookies per domain was exceeded in document.cookie. A remote attacker can tamper with HTTP request and force the browser to send requests with some cookies missing.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

EUVDB-ID: #VU78856

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4056

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Buffer overflow

EUVDB-ID: #VU78857

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4057

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free

EUVDB-ID: #VU80090

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4573

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IPC CanvasTranslator. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU80091

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4574

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IPC ColorPickerShownCallback. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU80092

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4575

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IPC FilePickerShownCallback. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Integer overflow

EUVDB-ID: #VU80093

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4576

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in RecordedSourceSurfaceCreation. A remote attacker can trick the victim to visit a specially crafted website, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note, the vulnerability affects Firefox installations on Windows only.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Buffer overflow

EUVDB-ID: #VU80097

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4577

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in JIT UpdateRegExpStatics when UpdateRegExpStatics attempted to access initialStringHeap. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource exhaustion

EUVDB-ID: #VU80098

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-4578

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in JS::CheckRegExpSyntax. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Cleartext storage of sensitive information

EUVDB-ID: #VU80099

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4580

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to push notifications are saved to disk unencrypted. A local user can gain access to potentially sensitive information.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU80094

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4581

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a missing warning when downloading Excel .xll add-in files. A remote attacker can trick the victim to visit a specially crafted website and force the browser to download potentially dangerous files without any warning.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Buffer overflow

EUVDB-ID: #VU80100

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4582

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebGL glGetProgramiv. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Note, the vulnerability affects only Firefox installations on macOS.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Information disclosure

EUVDB-ID: #VU80101

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4583

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to private session data are not cleared in HttpBaseChannel when closing private window. A remote attacker can obtain information from the not cleared session.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Buffer overflow

EUVDB-ID: #VU80095

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4584

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU80102

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-4585

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds write

EUVDB-ID: #VU81125

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5168

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in FilterNodeD2D1. A remote attacker can create a specially crafted website, trick the victim into opening, trigger an out-of-bounds write and execute arbitrary code on the target system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds write

EUVDB-ID: #VU81126

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5169

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in PathOps. A remote attacker can create a specially crafted website, trick the victim into opening, trigger an out-of-bounds write and execute arbitrary code on the target system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use-after-free

EUVDB-ID: #VU81127

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5171

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error during Ion compilation. A remote attacker can trick the victim to visit a specially crafted webpage, trigger a use after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Double Free

EUVDB-ID: #VU81128

Risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-5174

CWE-ID: CWE-415 - Double Free

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when spawning processes on Windows. A remote attacker can trigger a double free error and execute arbitrary code on the target system.

Note, the vulnerability affects Firefox installations on Windows when running in a non-standard configuration, such as when using "runas".

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Buffer overflow

EUVDB-ID: #VU81129

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5176

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Spoofing attack

EUVDB-ID: #VU82337

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-5721

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of queued up rendering. A remote attacker can perform spoofing attack by activating or dismissing certain browser prompts and dialogs.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Resource management error

EUVDB-ID: #VU82339

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-5724

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in WebGL. A remote attacker can trick the victim to open a specially crafted website and perform a denial of service (DoS) attack.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU82340

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-5725

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a malicious extension to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in WebExtension, which can open arbitrary URLs. A malicious extension can collect sensitive user data.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Spoofing attack

EUVDB-ID: #VU82341

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-5726

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data when handling fullscreen notifications by file opening dialog. A remote attacker can perform spoofing attack.

Note, the vulnerability affects macOS installation only.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Security features bypass

EUVDB-ID: #VU82342

Risk: Medium

CVSSv4.0: 4.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-5727

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a missing executable file warning when downloading .msix, .msixbundle, .appx, and .appxbundle files. A remote attacker can trick the victim into executing the files and compromise the affected system.

The vulnerability affects Windows installations only.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Buffer overflow

EUVDB-ID: #VU82343

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5728

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper object tracking during garbage collection. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Buffer overflow

EUVDB-ID: #VU82344

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-5730

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Spoofing attack

EUVDB-ID: #VU82338

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-5732

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data when handling bidirectional characters. A remote attacker can spoof the browser address bar.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Out-of-bounds write

EUVDB-ID: #VU83367

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-6204

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content in in WebGL2 blitFramebuffer. A remote attacker can trick the victim ti visit a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Use-after-free

EUVDB-ID: #VU83368

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-6205

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the MessagePort::Entangled() method. A remote attacker can trick the victim to open a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Multiple Interpretations of UI Input

EUVDB-ID: #VU83369

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6206

CWE-ID: CWE-450 - Multiple Interpretations of UI Input

Exploit availability: No

The vulnerability allows a remote attacker to perform clickjacking attack.

The vulnerability exists due to the black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. A remote attacker can perform clickjacking attack and trick the victim into pressing the permissions grant button.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU83370

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-6207

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the ReadableByteStreamQueueEntry::Buffer() method. A remote attacker can trick the victim to open a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Information disclosure

EUVDB-ID: #VU83371

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6208

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to the Selection API copies text by mistake into the primary selection, a temporary storage not unlike the clipboard, when using on X11. A local user can gain access to potentially sensitive information.

Note, the vulnerability affects only Firefox installations on X11.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Input validation error

EUVDB-ID: #VU83372

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6209

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to manipulate data on websites.

The vulnerability exists due to insufficient validation of user-supplied input when parsing relative URLs that start with a triple slash, e.g. "///". A remote attacker can use a path-traversal "/../" part in the path to override the specified host.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory corruption

EUVDB-ID: #VU83373

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-6212

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim ti visit a specially crafted website, trigger a memory corruption and execute arbitrary code on the target system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Heap-based buffer overflow

EUVDB-ID: #VU84557

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-6856

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the WebGL DrawElementsInstanced method when used on systems with the Mesa VM driver. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Buffer Underwrite ('Buffer Underflow')

EUVDB-ID: #VU84559

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6857

CWE-ID: CWE-124 - Buffer Underwrite ('Buffer Underflow')

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an error when handling symbolic links. A local user can trigger a race when the browser resolves a symbolic link, where the buffer passed to readlink may actually be smaller than necessary. A local user can gain access to potentially sensitive information.

The vulnerability affects Unix based operating systems only (e.g. Android, Linux, MacOS).

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Heap-based buffer overflow

EUVDB-ID: #VU84560

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6858

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in nsTextFragment when handling out-of-memory situations. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap overflow and crash the browser.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Use-after-free

EUVDB-ID: #VU84561

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6859

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in PR_GetIdentitiesLayer when creating the TLS socket. A remote attacker can trick the victim to visit a specially crafted website and crash the browser.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Security features bypass

EUVDB-ID: #VU84562

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6860

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to VideoBridge lack of texture validation. A remote attacker can trick the victim to open a specially crafted website, escape the sandbox and gain access to sensitive information.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Heap-based buffer overflow

EUVDB-ID: #VU84564

Risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6861

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the nsWindow::PickerOpen(void) method when the browser is running in headless mode. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Use-after-free

EUVDB-ID: #VU84565

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6862

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to crash the browser.

The vulnerability exists due to a use-after-free error in nsDNSService::Init during browser startup. A remote attacker with control over the DNS server can cause the browser to crash.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Reliance on undefined behavior

EUVDB-ID: #VU84566

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6863

CWE-ID: CWE-758 - Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to reliance on undefined behavior in ShutdownObserver(). A remote attacker can crash the browser.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Buffer overflow

EUVDB-ID: #VU84567

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-6864

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Use-after-free

EUVDB-ID: #VU77940

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-37201

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in WebRTC. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Use-after-free

EUVDB-ID: #VU77941

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-37202

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Cross-compartment wrappers. A remote attacker can trick the victim to open a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU77942

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-37207

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to the way fullscreen notifications are handled within the browser. A remote attacker can trick the victim to visit a specially crafted website that can obscure the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL, and perform spoofing attack.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU77943

Risk: Medium

CVSSv4.0: 4.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-37208

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to a missing warning when opening Diagcab files. A remote attacker can trick the victim into downloading a malicious Diagcab file and compromise the affected system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Buffer overflow

EUVDB-ID: #VU77944

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-37211

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Spoofing attack

EUVDB-ID: #VU84577

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-50761

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Spoofing attack

EUVDB-ID: #VU84576

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-50762

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

The vulnerability allows a remote attacker to spoof email content.

The vulnerability exists due to incorrect processing of user-supplied data. When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Out-of-bounds write

EUVDB-ID: #VU85707

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-0741

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in ANGLE when processing untrusted input. A remote attacker can trick the victim to open a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Security features bypass

EUVDB-ID: #VU85708

Risk: Medium

CVSSv4.0: 4.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-0742

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to failure to update user input timestamp for certain browser prompts and dialogs. A remote attacker can perform clickjacking attack and trick the victim into providing unintended permissions to a malicious website.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Reachable Assertion

EUVDB-ID: #VU85712

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0746

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when listing pointers on Linux. A remote attacker can trick the victim to open the print preview dialog and crash the browser.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Security features bypass

EUVDB-ID: #VU85713

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0747

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in the way the Content Security Policy handles unsafe-inline directive. When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU85715

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0749

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to application does not properly impose security restrictions. A phishing site could have repurposed an about: dialog to show phishing content with an incorrect origin in the address bar.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU85716

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-0750

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

The vulnerability allows a remote attacker to perform a clickjacking attack.

The vulnerability exists due to an error in popup notifications delay calculation. A remote attacker can perform a clickjacking attack and trick a user into granting permissions to a malicious web application.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU85717

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0751

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions. A malicious devtools extension could have been used to escalate privileges.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Security features bypass

EUVDB-ID: #VU85719

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0753

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when handling HSTS on a subdomain. In specific HSTS configurations an attacker could have bypassed HSTS.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Buffer overflow

EUVDB-ID: #VU85721

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-0755

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Update the affected packages.
mail-client/thunderbird to version: 115.7.0
mail-client/thunderbird-bin to version: 115.7.0

Gentoo Linux: All versions

mail-client/thunderbird-bin: before 115.7.0

mail-client/thunderbird: before 115.7.0

• cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird-bin:*:*:*:*:*:gentoo_linux:*:*
• cpe:2.3:o:gentoo:mail-client_thunderbird:*:*:*:*:*:gentoo_linux:*:*

http://security.gentoo.org/glsa/202402-25

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.