CVE-2023-0616

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 102.8

Description The issue is related to the processing of OpenPGP and OpenPGP MIME data in a specific way, which could cause Thunderbird's user interface to lock up and no longer respond to user actions. An attacker could send a crafted message to attempt a DoS attack by exploiting this error.

Recommendations For versions prior to 102.8, update to version 102.8 or later to resolve the issue. As a temporary workaround, consider avoiding the use of OpenPGP and OpenPGP MIME data in emails until the update is applied.

Fix

DoS

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400CWE-449

Related Identifiers

ALSA-2023:0821

ALSA-2023:0824

ALT-PU-2023-1374

ALT-PU-2023-1411

ALT-PU-2023-1765

ALT-PU-2023-4366

BDU:2023-01028

CESA-2023_0817

CESA-2023_0821

CVE-2023-0616

DLA-3324-1

DSA-5355-1

MGASA-2023-0057

OPENSUSE-SU-2024:12713-1

RHSA-2023:0817

RHSA-2023:0818

RHSA-2023:0819

RHSA-2023:0820

RHSA-2023:0821

RHSA-2023:0822

RHSA-2023:0823

RHSA-2023:0824

RHSA-2023_0817

RHSA-2023_0821

RHSA-2023_0824

RLSA-2023:0821

RLSA-2023:0824

SUSE-SU-2023:0599-1

USN-5943-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Rocky Linux

Thunderbird

Ubuntu

CVE-2023-0616

Weakness Enumeration

Related Identifiers

Affected Products

References · 102