PT-2022-1773 · Mozilla+10 · Thunderbird+10

Published

2022-02-15

Updated

2024-06-15

CVE-2022-0566

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 91.6.1

Description The issue is related to an out-of-bounds write when processing a crafted email message, potentially allowing a remote attacker to execute arbitrary code. This is due to a buffer overflow vulnerability in the Mozilla Thunderbird email client.

Recommendations For versions prior to 91.6.1, update to version 91.6.1 or later to resolve the issue. As a temporary workaround, consider restricting the handling of email messages from untrusted sources until the update is applied.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2022:0845

ALT-PU-2022-1447

ALT-PU-2022-1479

ALT-PU-2022-1502

ALT-PU-2022-2053

BDU:2022-01072

CESA-2022_0845

CESA-2022_0850

CVE-2022-0566

DLA-2930-1

DSA-5086-1

MGASA-2022-0072

OPENSUSE-SU-2022:0559-1

OPENSUSE-SU-2022_0559-1

OPENSUSE-SU-2024:11856-1

RHSA-2022:0843

RHSA-2022:0845

RHSA-2022:0847

RHSA-2022:0850

RHSA-2022:0853

RHSA-2022_0845

RHSA-2022_0850

RLSA-2022:0845

SUSE-SU-2022:0559-1

USN-5345-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Thunderbird

Ubuntu

PT-2022-1773 · Mozilla+10 · Thunderbird+10

CVE-2022-0566

Weakness Enumeration

Related Identifiers

Affected Products

References · 83