SB2022091921 - Multiple vulnerabilities in Mozilla Thunderbird




Published: September 19, 2022 Updated: October 20, 2022

Security Bulletin ID: SB2022091921
Severity: Medium
Patch available: YES
Number of vulnerabilities: 3
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Medium: 67%
Low: 33%

Description

This security bulletin contains information about 3 security vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2022-3033)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the way Thunderbird handles a meta tag with the http-equiv="refresh" attribute in email messages when the user replies to an email. A remote attacker can send a specially crafted email to the victim and force the application to initiate requests to an external URL, even when the application is configured to block remote content.

Combined with other HTML elements and attributes in the email, it is possible to execute arbitrary JavaScript code included in the malicious message in the context of the message compose document. That code can read or modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email.



2) Security features bypass (CVE-ID: CVE-2022-3032)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrect processing of HTML emails with an iframe element that uses a srcdoc attribute to define the inner HTML document. A remote attacker can trick the victim into opening a specially crafted email message and bypass blocking of remote objects specified in the nested document, for example images or videos.


3) Security features bypass (CVE-ID: CVE-2022-3034)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists because iframe elements in an HTML email force the application to initiate network requests. A remote attacker can use an iframe to confirm that the email was read by the victim and obtain the victim's IP address.
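
For mail-gateway filtering or triage of stored messages, the three HTML constructs described above can be flagged before a message reaches an unpatched client. The following is an added example, not code from this bulletin or from Mozilla; the class and function names, the sample message, and the pairing of each construct with a CVE ID as a triage label are assumptions. A match means only that the construct is present in the message.

```python
from email import message_from_string, policy
from html.parser import HTMLParser

class RiskyTagScanner(HTMLParser):
    """Heuristic scanner (added example) for the constructs named in the bulletin."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}  # names arrive lower-cased
        if tag == "meta" and a.get("http-equiv", "").strip().lower() == "refresh":
            self.findings.append(("CVE-2022-3033", "meta http-equiv=refresh"))
        elif tag == "iframe":
            if "srcdoc" in a:
                self.findings.append(("CVE-2022-3032", "iframe with srcdoc"))
                inner = RiskyTagScanner()  # the nested document is HTML too
                inner.feed(a["srcdoc"])
                self.findings.extend(inner.findings)
            if "src" in a:
                self.findings.append(("CVE-2022-3034", "iframe with src"))

def scan_message(raw):
    """Return sorted, de-duplicated (label, construct) pairs over all text/html parts."""
    msg = message_from_string(raw, policy=policy.default)
    found = set()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            scanner = RiskyTagScanner()
            scanner.feed(part.get_content())
            scanner.close()
            found.update(scanner.findings)
    return sorted(found)

# Constructed sample message for demonstration (reserved .example domains).
SAMPLE = """\
From: sender@example.com
Subject: constructed test
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><head><meta http-equiv="Refresh" content="0; url=https://tracker.example/r"></head>
<body><iframe srcdoc="&lt;img src='https://tracker.example/p.png'&gt;"></iframe>
<iframe src="https://tracker.example/open"></iframe></body></html>
"""

if __name__ == "__main__":
    for label, construct in scan_message(SAMPLE):
        print(label, construct)
```
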


Remediation

Install the update from the vendor's website.