If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1806507 | Issue Tracking Permissions Required Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-07/ | Vendor Advisory |
https://bugzilla.mozilla.org/show_bug.cgi?id=1806507 | Issue Tracking Permissions Required Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-07/ | Vendor Advisory |
Configurations
History
21 Nov 2024, 07:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=1806507 - Issue Tracking, Permissions Required, Vendor Advisory | |
References | () https://www.mozilla.org/security/advisories/mfsa2023-07/ - Vendor Advisory |
08 Jun 2023, 19:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* | |
CWE | CWE-400 | |
References | (MISC) https://www.mozilla.org/security/advisories/mfsa2023-07/ - Vendor Advisory | |
References | (MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1806507 - Issue Tracking, Permissions Required, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
02 Jun 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-02 17:15
Updated : 2024-11-21 07:37
NVD link : CVE-2023-0616
Mitre link : CVE-2023-0616
CVE.ORG link : CVE-2023-0616
JSON object : View
Products Affected
mozilla
- thunderbird
CWE
CWE-400
Uncontrolled Resource Consumption