what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2020-15685

Status Candidate

Overview

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.

Related Files

Ubuntu Security Notice USN-4736-1
Posted Feb 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4736-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that responses received during the plaintext phase of the STARTTLS connection setup were subsequently evaluated during the encrypted session. A person in the middle could potentially exploit this to perform a response injection attack. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15685, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960
SHA-256 | b6c1f03c7fd8c0de6f8a95513aaf24c579db20b2e4391bdcb8805ea4e08a8069
Red Hat Security Advisory 2021-0397-01
Posted Feb 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0397-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | b4e6707a676e0b78f768ebe9cf95234345e9e7541c287c4c509559f11edf0530
Gentoo Linux Security Advisory 202102-02
Posted Feb 1, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202102-2 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.7.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | bbdf99cb54c3b2c1ee68bf31b38cdb8100f6315ad49a138979310d9e5243bb55
Red Hat Security Advisory 2021-0299-01
Posted Jan 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0299-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 47a6c099170886d0dfec4ce713a988a2cfc638ff6c8591e9a90a90b77ed1376e
Red Hat Security Advisory 2021-0298-01
Posted Jan 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0298-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 3522adef5d9665bda2b6a20a4478bdf85a0af546dacec458397fbdd1752a84dc
Red Hat Security Advisory 2021-0297-01
Posted Jan 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0297-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 238fdcbe4d4917b8291e1febe41d0d12f2e523bf85472e50e2b701209c7c7d4b
Debian Security Advisory 4842-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4842-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-15685, CVE-2020-16044, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 89e3de7221b5cc6b8d9749c61f4b9aaceef320c125257ec4835fbba653d95ce6
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close