8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
51.5%
Mozilla Thunderbird email client vulnerability is related to a boundary error in the engine’s garbage collector
JS. Exploitation of the vulnerability could allow an attacker acting remotely to create a customized
website, trick the victim into opening it, cause memory corruption, and execute arbitrary code
on the target system
A vulnerability in the Mozilla Thunderbird email client is related to same-source policy violations in the
performance.getEntries() method. Exploitation of the vulnerability could allow an attacker acting
remotely, trick a victim into opening a specially crafted website and retrieving URL records
from different sources
A vulnerability in the Mozilla Thunderbird email client is related to improper management of internal resources in the application when processing window events.
resources in the application when handling window.print() events. Exploitation of the vulnerability could allow
an attacker acting remotely to trick a victim into opening a special website and performing a denial of service attack.
Denial of service (DoS) attack
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | thunderbird | <= 102.4.0-1 | UNKNOWN |