PT-2020-6731 · Mozilla+5 · Thunderbird+5

Chiaki Ishikawa

Published

2020-02-11

Updated

2024-06-15

CVE-2020-6793

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 68.5

Description The issue is related to Thunderbird's processing of email messages with ill-formed envelopes, which could lead to reading data from a random memory location. This is due to a buffer overflow in memory, allowing an attacker to potentially disclose protected information by sending a specially crafted email message.

Recommendations For versions prior to 68.5, update to version 68.5 or later to resolve the issue.

Exploit

Fix

Out of bounds Read

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-908

Related Identifiers

ALT-PU-2020-1182

ALT-PU-2020-1515

BDU:2022-05807

CESA-2020_0574

CESA-2020_0576

CESA-2020_0577

CVE-2020-6793

DLA-2104-1

DSA-4625-1

MGASA-2020-0091

OPENSUSE-SU-2020:0231-1

OPENSUSE-SU-2020_0231-1

OPENSUSE-SU-2024:10601-1

RHSA-2020:0565

RHSA-2020:0574

RHSA-2020:0576

RHSA-2020:0577

RHSA-2020_0574

RHSA-2020_0576

RHSA-2020_0577

SUSE-SU-2020:0385-1

USN-4328-1

USN-4335-1

Affected Products

Alt Linux

Centos

Red Hat

Suse

Thunderbird

Ubuntu

PT-2020-6731 · Mozilla+5 · Thunderbird+5

CVE-2020-6793

Weakness Enumeration

Related Identifiers

Affected Products

References · 477