Showing 1 - 7 of 7

CVE-2020-15685

Status Candidate

Overview

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.

Related Files

Ubuntu Security Notice USN-4736-1: Posted Feb 16, 2021; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4736-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that responses received during the plaintext phase of the STARTTLS connection setup were subsequently evaluated during the encrypted session. A person in the middle could potentially exploit this to perform a response injection attack. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2020-15685, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960; SHA-256 | b6c1f03c7fd8c0de6f8a95513aaf24c579db20b2e4391bdcb8805ea4e08a8069; Download | Favorite | View

Red Hat Security Advisory 2021-0397-01: Posted Feb 3, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0397-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964; SHA-256 | b4e6707a676e0b78f768ebe9cf95234345e9e7541c287c4c509559f11edf0530; Download | Favorite | View

Gentoo Linux Security Advisory 202102-02: Posted Feb 1, 2021; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202102-2 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.7.0 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964; SHA-256 | bbdf99cb54c3b2c1ee68bf31b38cdb8100f6315ad49a138979310d9e5243bb55; Download | Favorite | View

Red Hat Security Advisory 2021-0299-01: Posted Jan 29, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0299-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964; SHA-256 | 47a6c099170886d0dfec4ce713a988a2cfc638ff6c8591e9a90a90b77ed1376e; Download | Favorite | View

Red Hat Security Advisory 2021-0298-01: Posted Jan 29, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0298-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964; SHA-256 | 3522adef5d9665bda2b6a20a4478bdf85a0af546dacec458397fbdd1752a84dc; Download | Favorite | View

Red Hat Security Advisory 2021-0297-01: Posted Jan 29, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0297-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964; SHA-256 | 238fdcbe4d4917b8291e1febe41d0d12f2e523bf85472e50e2b701209c7c7d4b; Download | Favorite | View

Debian Security Advisory 4842-1: Posted Jan 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4842-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2020-15685, CVE-2020-16044, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964; SHA-256 | 89e3de7221b5cc6b8d9749c61f4b9aaceef320c125257ec4835fbba653d95ce6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 267 files
indoushka 178 files
Jay Turla 150 files
Ubuntu 74 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 24 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,125)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,591)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,312)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,885)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,861)
UNIX (9,458)
UnixWare (188)
Windows (6,772)
Other

CVE-2020-15685

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems