Lucene search
Mozilla FoundationMFSA2023-04HistoryJan 23, 2023 - 12:00 a.m.
Security Vulnerabilities fixed in Thunderbird 102.7.1 — Mozilla
2023-01-2300:00:00
Mozilla Foundation
www.mozilla.org
111
security
thunderbird
certificate
ocsp
revocation
s/mime
bug
mail
signature
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.9%
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug.
Affected configurations
Node
mozillathunderbirdRange<102.7.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
Related
nessus
nessus
RHEL 9 : thunderbird (RHSA-2023:0608)
2023-02-06 00:00:00
Rocky Linux 9 : thunderbird (RLSA-2023:0608)
2023-02-07 00:00:00
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2023:0600)
2023-02-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 102.7.1-alt1
2023-02-09 00:00:00
osv
osv
Important: thunderbird security update
2023-02-06 19:21:05
Important: thunderbird security update
2023-02-06 00:00:00
Important: thunderbird security update
2023-02-06 00:00:00
cvelist
cvelist
CVE-2023-0430
2023-06-02 00:00:00
almalinux
almalinux
Important: thunderbird security update
2023-02-06 00:00:00
Important: thunderbird security update
2023-02-06 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2023-02-07 00:00:00
thunderbird security update
2023-02-07 00:00:00
thunderbird security update
2023-02-07 00:00:00
redhat
redhat
(RHSA-2023:0600) Important: thunderbird security update
2023-02-06 16:44:24
(RHSA-2023:0602) Important: thunderbird security update
2023-02-06 16:47:37
(RHSA-2023:0607) Important: thunderbird security update
2023-02-06 19:21:56
cve
cve
CVE-2023-0430
2023-06-02 17:15:10
veracode
veracode
Signature Verification Bypass
2023-03-12 15:00:26
ubuntucve
ubuntucve
CVE-2023-0430
2023-06-02 00:00:00
redhatcve
redhatcve
CVE-2023-0430
2023-02-02 09:38:05
debiancve
debiancve
CVE-2023-0430
2023-06-02 17:15:10
nvd
nvd
CVE-2023-0430
2023-06-02 17:15:10
openvas
openvas
CentOS: Security Advisory for thunderbird (CESA-2023:0600)
2023-02-21 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2023-04) - Mac OS X
2023-02-02 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2023-04) - Windows
2023-02-02 00:00:00
centos
centos
thunderbird security update
2023-02-20 16:17:35
kaspersky
kaspersky
KLA20195 SB vulnerability in Mozilla Thunderbird
2023-01-23 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2023-02-01 22:29:44
rocky
rocky
thunderbird security update
2023-02-06 19:21:05
thunderbird security update
2023-02-06 19:23:17
prion
prion
Design/Logic Flaw
2023-06-02 17:15:00
mageia
mageia
Updated thunderbird packages fix security vulnerability
2023-02-07 03:06:39
debian
debian
[SECURITY] [DLA 3324-1] thunderbird security update
2023-02-20 08:15:05
[SECURITY] [DSA 5355-1] thunderbird security update
2023-02-18 18:55:02
ubuntu
ubuntu
Thunderbird vulnerabilities
2023-02-06 00:00:00
amazon
amazon
Important: thunderbird
2023-02-17 00:11:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.9%
Related for MFSA2023-04