Showing 1 - 7 of 7

CVE-2022-1834

Status Candidate

Overview

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10.

Related Files

Debian Security Advisory 5158-1: Posted Jun 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5158-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2022-1529, CVE-2022-1802, CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | 5c2531aaacd74c4fb215c2123cd84acf5167f7deff68e48f25570583cf1f5dc9; Download | Favorite | View

Red Hat Security Advisory 2022-4887-01: Posted Jun 6, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4887-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | 83b05034de2b2338b376975b5ba003a53cb61d0f9133ebbed4157eca94f4307d; Download | Favorite | View

Red Hat Security Advisory 2022-4890-01: Posted Jun 6, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4890-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | cbd69bdf1a066608fbb8a2c567e65935a60888ac09b182be021e3744daab7c7a; Download | Favorite | View

Red Hat Security Advisory 2022-4892-01: Posted Jun 6, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4892-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | 4ea37a53c20bf404f37b7880cda6fe46c5f65c0e3b6c5fade778ad40569baacd; Download | Favorite | View

Red Hat Security Advisory 2022-4888-01: Posted Jun 6, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4888-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | b3d2c633c86f3ae3591ffda5fb0edd5502b96d56c5ae75eb8445322c31e56d8f; Download | Favorite | View

Red Hat Security Advisory 2022-4889-01: Posted Jun 3, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4889-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | 71af080b26e6cc666718ad234179a3bbf15bdfcb3c59b733b624ab4e5e6075b0; Download | Favorite | View

Red Hat Security Advisory 2022-4891-01: Posted Jun 3, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4891-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2022-1834, CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31747; SHA-256 | 7db79d09ea7fa8b076420dea9fcb69a48876242307780c68dfe509369252c61b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 269 files
Ubuntu 94 files
indoushka 31 files
Gentoo 29 files
Debian 12 files
tmrswrr 7 files
Sina Kheirkhah 7 files
Google Security Research 6 files
Jann Horn 5 files
Rodolfo Tavares 4 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,084)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,556)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,418)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,700)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

CVE-2022-1834

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems