漏洞信息详情
Mozilla Thunderbird 资源管理错误漏洞
- CNNVD编号:CNNVD-202104-1333 <!--
- 危害等级: 高危-->
- 危害等级: 高危
- CVE编号: CVE-2021-23995
- 漏洞类型: 资源管理错误
- 发布时间: 2021-04-19
- 威胁类型: 远程
- 更新时间: 2021-08-25
- 厂 商:
- 漏洞来源: Gentoo
-
漏洞简介
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。
Mozilla Thunderbird 存在资源管理错误漏洞,该漏洞源于远程攻击者可利用该漏洞可以创建一个特别制作的网页,诱骗受害者使用受影响的软件打开网页,触发付费后使用错误,并在目标系统上执行任意代码。以下产品及版本受到影响:Mozilla Thunderbird: 60.0, 60.2.1, 60.3, 60.3.0, 60.3.1, 60.3.2, 60.3.3, 60.4, 60.4.0, 60.5, 60.5.0, 60.5.1, 60.5.2, 60.5.3, 60.6.0, 60.6.1, 60.7.0, 60.7.1, 60.7.2, 60.8.0, 60.9.0, 60.9.1, 68.0, 68.1.0, 68.1.1, 68.1.2, 68.2.0, 68.2.1, 68.2.2, 68.3.0, 68.3.1, 68.4.1, 68.4.2, 68.5.0, 68.6.0, 68.7.0, 68.8.0, 68.8.1, 68.9.0, 68.10.0, 68.11.0, 68.12.0, 68.12.1, 78.0, 78.0.1, 78.1.0, 78.1.1, 78.2.0, 78.2.1, 78.2.2, 78.3.0, 78.3.1, 78.3.2, 78.3.3, 78.4.0, 78.4.1, 78.4.2, 78.4.3, 78.5.0, 78.5.1, 78.6.0, 78.6.1, 78.7.0, 78.7.1, 78.8.0, 78.8.1, 78.9.0, 78.9.1。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/
参考网址
来源:MISC
链接:https://www.mozilla.org/security/advisories/mfsa2021-14/
来源:MISC
链接:https://www.mozilla.org/security/advisories/mfsa2021-15/
来源:MISC
链接:https://www.mozilla.org/security/advisories/mfsa2021-16/
来源:MISC
链接:https://bugzilla.mozilla.org/show_bug.cgi?id=1699835
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Firefox-Thunderbird-multiple-vulnerabilities-35108
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162418/Gentoo-Linux-Security-Advisory-202104-09.html
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021050102
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162353/Ubuntu-Security-Notice-USN-4926-1.html
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2021-23995
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162327/Red-Hat-Security-Advisory-2021-1353-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1403
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021042825
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021042606
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1438
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021041920
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/163247/Ubuntu-Security-Notice-USN-4995-1.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1460
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021042934
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2240
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1312
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021042212
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1344
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2212
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/163284/Ubuntu-Security-Notice-USN-4995-2.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1380
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1390
受影响实体
暂无
补丁
- Mozilla Thunderbird 资源管理错误漏洞的修复措施<!--2021-4-19-->
还没有评论,来说两句吧...