Lucene search
Veracode Vulnerability DatabaseVERACODE:28267HistoryDec 06, 2020 - 3:48 a.m.
Information Disclosure
2020-12-0603:48:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
thunderbird
information disclosure
vulnerability
automatic account setup
microsoft exchange
EPSS
0.002
Percentile
55.1%
Thunderbird is vulnerable to information disclosure. An attacker is able to intercepts Thunderbird’s initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and sends a crafted response, of which Thunderbird will responds with username and password over https to a server controlled by the attacker.
Related
nvd
nvd
CVE-2020-15646
2020-10-08 14:15:12
ubuntucve
ubuntucve
CVE-2020-15646
2020-10-08 00:00:00
redhatcve
redhatcve
CVE-2020-15646
2020-07-16 19:08:30
cvelist
cvelist
CVE-2020-15646
2020-10-08 13:37:18
cve
cve
CVE-2020-15646
2020-10-08 14:15:12
prion
prion
Default credentials
2020-10-08 14:15:00
debiancve
debiancve
CVE-2020-15646
2020-10-08 14:15:12
redhat
redhat
(RHSA-2020:2966) Important: thunderbird security update
2020-07-16 07:11:10
(RHSA-2020:3046) Important: thunderbird security update
2020-07-21 14:16:22
(RHSA-2020:2907) Important: thunderbird security update
2020-07-14 10:48:24
openvas
openvas
Mozilla Thunderbird Security Advisory (MFSA2020-26) - Windows
2023-01-10 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2020-26) - Mac OS X
2023-01-10 00:00:00
Debian: Security Advisory (DSA-4718-1)
2020-07-07 00:00:00
nessus
nessus
RHEL 6 : thunderbird (RHSA-2020:2966)
2020-07-16 00:00:00
RHEL 8 : thunderbird (RHSA-2020:3038)
2020-07-28 00:00:00
RHEL 8 : thunderbird (RHSA-2020:3046)
2020-07-21 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 68.10.0 — Mozilla
2020-06-30 00:00:00
osv
osv
thunderbird - security update
2020-07-05 00:00:00
kaspersky
kaspersky
KLA11829 Multiple vulnerabilities in Mozilla Thunderbird
2020-06-30 00:00:00