Use of insufficiently random values in Mozilla Thunderbird - CVE-2020-6792
Published: February 11, 2020
Vulnerability identifier: #VU25129
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-6792
CWE-ID: CWE-330
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Mozilla
Affected software:
Mozilla Thunderbird
Mozilla Thunderbird
Detailed vulnerability description
The vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to an error in the message ID calculation processes that used uninitialized data in addition to the message contents.
How to mitigate CVE-2020-6792
Install updates from vendor's website.