Debian update for thunderbird
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2020-15685 CVE-2020-16044 CVE-2020-26976 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2021-23964 |
| CWE-ID | CWE-94 CWE-416 CWE-399 CWE-200 CWE-843 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
thunderbird (Debian package) Operating systems & Components / Operating system package or component |
| Vendor | Debian |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Code Injection
EUVDB-ID: #VU50038
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15685
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to improper input validation when processing plaintext phase of the IMAP STARTTLS connection setup. A remote attacker can pass protocol commands, which can be evaluated within the encrypted session.
MitigationUpdate thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU49300
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-16044
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing COOKIE-ECHO chunk in a SCTP packet. A remote attacker can pass specially crafted data to the browser, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationUpdate thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource management error
EUVDB-ID: #VU49018
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26976
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources within the application, when processing embedded elements with https/http protocols. When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing.
MitigationUpdate thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU50021
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23953
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to cross-origin information leak when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and gain access to sensitive information via redirected PDF requests, when said information is served as chunked data.
MitigationUpdate thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Type Confusion
EUVDB-ID: #VU50022
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23954
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error when using the new logical assignment operators in a JavaScript switch statement. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU50024
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23960
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
Update thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU50025
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23964
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate thunderbird package to version 1:78.7.0-1~deb10u1.
Vulnerable software versionsthunderbird (Debian package): 1:60.8.0-1~deb10u1 - 78.6.0-1~deb10u1
CPE2.3- cpe:2.3:o:debian:thunderbird_debian_package:78.6.0-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
- cpe:2.3:o:debian:thunderbird_debian_package:1:78.5.1-1~deb10u1:*:*:*:*:debian_linux:*:
http://www.debian.org/security/2021/dsa-4842
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
