Risk | High |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 |
CWE-ID | CWE-119 CWE-416 CWE-20 CWE-451 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
thunderbird (Debian package) Operating systems & Components / Operating system package or component |
Vendor | Debian |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU27532
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-6831
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing SCTP chunks in WebRTC. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate thunderbird package to one of the following versions: 1:68.8.0-1~deb9u1, 1:68.8.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:68.0~b1-1 - 68.7.0-1~deb10u1
External linkshttp://www.debian.org/security/2020/dsa-4683
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27529
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12387
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error caused by the race condition when running shutdown code for Web Worker. A remote attacker can create a specially crafted website, trick the victim into visiting it, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate thunderbird package to one of the following versions: 1:68.8.0-1~deb9u1, 1:68.8.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:68.0~b1-1 - 68.7.0-1~deb10u1
External linkshttp://www.debian.org/security/2020/dsa-4683
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27535
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12392
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to the "Copy as cURL" feature of Devtools network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files.
MitigationUpdate thunderbird package to one of the following versions: 1:68.8.0-1~deb9u1, 1:68.8.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:68.0~b1-1 - 68.7.0-1~deb10u1
External linkshttp://www.debian.org/security/2020/dsa-4683
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27538
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12395
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate thunderbird package to one of the following versions: 1:68.8.0-1~deb9u1, 1:68.8.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:68.0~b1-1 - 68.7.0-1~deb10u1
External linkshttp://www.debian.org/security/2020/dsa-4683
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27572
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12397
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of sender email addresses. A remote attacker can spoof an email address using encoded Unicode characters.
Update thunderbird package to one of the following versions: 1:68.8.0-1~deb9u1, 1:68.8.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:68.0~b1-1 - 68.7.0-1~deb10u1
External linkshttp://www.debian.org/security/2020/dsa-4683
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.