what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2020-15685

Status Candidate

Overview

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.

Related Files

Ubuntu Security Notice USN-4736-1
Posted Feb 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4736-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that responses received during the plaintext phase of the STARTTLS connection setup were subsequently evaluated during the encrypted session. A person in the middle could potentially exploit this to perform a response injection attack. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15685, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960
SHA-256 | b6c1f03c7fd8c0de6f8a95513aaf24c579db20b2e4391bdcb8805ea4e08a8069
Download | Favorite | View
Red Hat Security Advisory 2021-0397-01
Posted Feb 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0397-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | b4e6707a676e0b78f768ebe9cf95234345e9e7541c287c4c509559f11edf0530
Download | Favorite | View
Gentoo Linux Security Advisory 202102-02
Posted Feb 1, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202102-2 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.7.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | bbdf99cb54c3b2c1ee68bf31b38cdb8100f6315ad49a138979310d9e5243bb55
Download | Favorite | View
Red Hat Security Advisory 2021-0299-01
Posted Jan 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0299-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 47a6c099170886d0dfec4ce713a988a2cfc638ff6c8591e9a90a90b77ed1376e
Download | Favorite | View
Red Hat Security Advisory 2021-0298-01
Posted Jan 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0298-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 3522adef5d9665bda2b6a20a4478bdf85a0af546dacec458397fbdd1752a84dc
Download | Favorite | View
Red Hat Security Advisory 2021-0297-01
Posted Jan 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0297-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-15685, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 238fdcbe4d4917b8291e1febe41d0d12f2e523bf85472e50e2b701209c7c7d4b
Download | Favorite | View
Debian Security Advisory 4842-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4842-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-15685, CVE-2020-16044, CVE-2020-26976, CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964
SHA-256 | 89e3de7221b5cc6b8d9749c61f4b9aaceef320c125257ec4835fbba653d95ce6
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close