Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Mozilla

Thunderbird

Affected Versions:

unspecified

References

https://www.mozilla.org/security/advisories/mfsa2021-14/

https://bugzilla.mozilla.org/show_bug.cgi?id=1692899

Published: 2021-06-24T13:19:32

Last Modified: 2024-08-03T22:18:03.284Z

Copied to clipboard!