what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2020-26970

Status Candidate

Overview

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1.

Related Files

Ubuntu Security Notice USN-4701-1
Posted Jan 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4701-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary code. It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked in to installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-16042, CVE-2020-26970, CVE-2020-26973, CVE-2020-26974, CVE-2020-35111, CVE-2020-35113
SHA-256 | 1074e9c60b4f3aa25817c65900473466ad1d61de91ee2b39415cd68b2b3d141a
Debian Security Advisory 4802-1
Posted Dec 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4802-1 - Chiaki Ishikawa discovered a stack overflow in SMTP server status handling which could potentially result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2020-26970
SHA-256 | 8d5444b9b43c99430450d6298b4adc1770bb19a59fcce6879c1c7a73f432c355
Red Hat Security Advisory 2020-5645-01
Posted Dec 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5645-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-16042, CVE-2020-26970, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113
SHA-256 | c3b8d96edc20367b29b6f1567947889144e9e30c79eeaebacc093d90b4c06f30
Red Hat Security Advisory 2020-5644-01
Posted Dec 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5644-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-16042, CVE-2020-26970, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35113
SHA-256 | 9d6b9ce88303489777415c0698630da4a4b24f0c0dea446783c5dfab50281584
Red Hat Security Advisory 2020-5400-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5400-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-26970
SHA-256 | cfac5064847628ca5f7033c593c040886242a6b6785eb27a7cb7feb387005279
Red Hat Security Advisory 2020-5399-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5399-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-26970
SHA-256 | c34e8e04f3e314513c74bdc43e2e8a88b95349fcc693072715fea384cbd8c6d5
Red Hat Security Advisory 2020-5398-01
Posted Dec 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5398-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.5.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-26970
SHA-256 | d5835cf764040458abe7c0e3ab54e7444779062315e17e487b8a6eb4eef2825b
Gentoo Linux Security Advisory 202012-04
Posted Dec 7, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-4 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. Versions less than 78.5.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15999, CVE-2020-16012, CVE-2020-26951, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26968, CVE-2020-26970
SHA-256 | ab9e7a2e76c996df0e3907c1b46c919a8930419ea081e83116964f27249ecc34
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close