Lucene search

K

Veracode Vulnerability DatabaseVERACODE:40224

HistoryApr 20, 2023 - 9:38 a.m.

Out-of-Bounds Write

2023-04-2009:38:13

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

thunderbird vulnerability out-of-bounds write remote attack software denial of service arbitrary code execution improper memory management operations

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.5%

thunderbird is vulnerable to Out-of-bounds Write. A remote local attacker is able to cause out-of-bound writes due to improper memory management operations, resulting in a denial of service or arbitrary code execution.

References

git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2023-29550

bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828

www.mozilla.org/security/advisories/mfsa2023-13/

www.mozilla.org/security/advisories/mfsa2023-14/

www.mozilla.org/security/advisories/mfsa2023-15/

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

57.5%

Related for VERACODE:40224