Wednesday, May 12, 2021

Ubuntu: USN-4936-1 (CVE-2021-29950): Thunderbird vulnerabilities

Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-4936-1:Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23968, CVE-2021-23969,CVE-2021-23973,CVE-2021-23978)It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. (CVE-2021-29950)
Solution(s)
  • ubuntu-upgrade-thunderbird


  • References
  • USN-4756-1
  • USN-4936-1
  • CVE-2021-29950




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated