Severity High
Patch available YES
Number of vulnerabilities 6
CVE ID CVE-2020-6792
CVE-2020-6793
CVE-2020-6794
CVE-2020-6795
CVE-2020-6798
CVE-2020-6800
CWE ID CWE-330
CWE-125
CWE-312
CWE-476
CWE-94
CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Arch Linux

Operating systems & Components /
Operating system
Vendor Arch Linux

Security Advisory

1) Use of insufficiently random values

Severity: Low

CVSSv3:
3.2 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID:
CVE-2020-6792

CWE-ID:
CWE-330 – Use of Insufficiently Random Values

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to an error in the message ID calculation processes that used uninitialized data in addition to the message contents.

Mitigation

Update the affected package thunderbird to version 68.5.0-1.

Vulnerable software versions

Arch Linux:

CPE
External links

https://security.archlinux.org/advisory/ASA-202002-9

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

Severity: Medium

CVSSv3:
4.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID:
CVE-2020-6793

CWE-ID:
CWE-125 – Out-of-bounds Read

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing email messages. A remote attacker can send a specially crafted email message to the victim, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system or crash the application.

Mitigation

Update the affected package thunderbird to version 68.5.0-1.

Vulnerable software versions

Arch Linux:

CPE
External links

https://security.archlinux.org/advisory/ASA-202002-9

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cleartext storage of sensitive information

Severity: Low

CVSSv3:
2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID:
CVE-2020-6794

CWE-ID:
CWE-312 – Cleartext Storage of Sensitive Information

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an error password management functionality when working with master password that was updated after Thunderbird 60 release. The old password is still available unencrypted on the system, as Thunderbird did not delete the old password file after update.

Mitigation

Update the affected package thunderbird to version 68.5.0-1.

Vulnerable software versions

Arch Linux:

CPE
External links

https://security.archlinux.org/advisory/ASA-202002-9

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

Severity: Medium

CVSSv3:
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID:
CVE-2020-6795

CWE-ID:
CWE-476 – NULL Pointer Dereference

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The
vulnerability exists due to a NULL pointer dereference error when processing messages with multiple S/MIME signatures. A remote
attacker can send a specially crafted email message tho the victim and
crash the application.

Mitigation

Update the affected package thunderbird to version 68.5.0-1.

Vulnerable software versions

Arch Linux:

CPE
External links

https://security.archlinux.org/advisory/ASA-202002-9

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Code Injection

Severity: Medium

CVSSv3:
4.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID:
CVE-2020-6798

CWE-ID:
CWE-94 – Improper Control of Generation of Code (‘Code Injection’)

Description


The vulnerability allows a remote attacker to execute arbitrary JavaScript code on the target system.


The vulnerability exists due to improper input validation when parsing template tag. A remote attacker can confuse the JavaScript parser into executing an arbitrary JavaScript send a specially crafted request and execute arbitrary code on the target system.


Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package thunderbird to version 68.5.0-1.

Vulnerable software versions

Arch Linux:

CPE
External links

https://security.archlinux.org/advisory/ASA-202002-9

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Memory corruption

Severity: High

CVSSv3:
7.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID:
CVE-2020-6800

CWE-ID:
CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

Description


The vulnerability allows a remote attacker to execute arbitrary code on the target system.


The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.


Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package thunderbird to version 68.5.0-1.

Vulnerable software versions

Arch Linux:

CPE
External links

https://security.archlinux.org/advisory/ASA-202002-9

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.





Source link

Write a comment:
*

Your email address will not be published.