CVE-2025-3877

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 128.10.1 Thunderbird versions prior to 138.0.1

Description: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting. This behavior can be abused to fill the disk with garbage data or to leak Windows credentials via SMB links when the email is viewed in HTML mode. Viewing the email in HTML mode is enough to load external content.

Recommendations: For Thunderbird versions prior to 128.10.1, update to version 128.10.1 or later to resolve the issue. For Thunderbird versions prior to 138.0.1, update to version 138.0.1 or later to resolve the issue. As a temporary workaround, consider disabling HTML mode for email viewing until a patch is available. Restrict access to external content when viewing emails in HTML mode to minimize the risk of exploitation.

Fix

Information Disclosure

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-434

Related Identifiers

ALSA-2025:8196

ALSA-2025:8756

BDU:2025-05735

CESA-2025_8756

CVE-2025-3877

DLA-4167-1

DSA-5921-1

INFSA-2025_8203

INFSA-2025_8756

MGASA-2025-0168

OPENSUSE-SU-2025:15131-1

OPENSUSE-SU-2025_01660-1

RHSA-2025:8196

RHSA-2025:8203

RHSA-2025:8324

RHSA-2025:8325

RHSA-2025:8326

RHSA-2025:8391

RHSA-2025:8507

RHSA-2025:8594

RHSA-2025:8756

RHSA-2025:8784

RHSA-2025_8203

RHSA-2025_8756

SUSE-SU-2025:01660-1

SUSE-SU-2025:01660-2

Affected Products

Almalinux

Centos

Debian

Red Hat

Red Os

Rocky Linux

Suse

Thunderbird

CVE-2025-3877

Weakness Enumeration

Related Identifiers

Affected Products

References · 69