#VU84577 Spoofing attack in Mozilla Thunderbird


Published: 2023-12-19

Vulnerability identifier: #VU84577

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-50761

CWE-ID: CWE-451

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mozilla Thunderbird
Client/Desktop applications / Messaging software

Vendor: Mozilla

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Mozilla Thunderbird: 115.0 - 115.5.2, 102.0 - 102.15.1

External links
http://www.mozilla.org/en-US/security/advisories/mfsa2023-55/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Gentoo update for Mozilla Thunderbird
CentOS 7 update for thunderbird
SUSE update for MozillaThunderbird
Red Hat Enterprise Linux 8 update for thunderbird
Red Hat Enterprise Linux 9.2 Extended Update Support update for thunderbird
Red Hat Enterprise Linux 7 update for thunderbird
Red Hat Enterprise Linux 9.0 Extended Update Support update for thunderbird
Ubuntu update for thunderbird
Red Hat Enterprise Linux 8 update for thunderbird
Red Hat Enterprise Linux 8.6 Extended Update Support update for thunderbird