all InfoSec news
USN-6015-1: Thunderbird vulnerabilities
April 13, 2023, 3:49 a.m. |
Ubuntu security notices ubuntu.com
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-1945, CVE-2023-29548,
CVE-2023-29550)
Paul Menzel discovered that Thunderbird did not properly validate OCSP
revocation status of recipient certificates when sending S/Mime encrypted
email. An attacker could potentially exploits this issue to perform
spoofing attack. …
attack browsing bypass certificates code context cross-site cve denial of service email encrypted exploit exploits information manage memory messages mime ocsp openpgp parsing paul restrictions security security issues sensitive information service spoofing spoofing attack team thunderbird tracing usn vulnerabilities website
More from ubuntu.com / Ubuntu security notices
USN-6804-1: GNU C Library vulnerabilities
1 day, 22 hours ago |
ubuntu.com
USN-6803-1: FFmpeg vulnerabilities
2 days, 20 hours ago |
ubuntu.com
USN-6800-1: browserify-sign vulnerability
3 days, 2 hours ago |
ubuntu.com
USN-6798-1: GStreamer Base Plugins vulnerability
3 days, 21 hours ago |
ubuntu.com
USN-6796-1: TPM2 Software Stack vulnerabilities
3 days, 23 hours ago |
ubuntu.com
USN-6797-1: Intel Microcode vulnerabilities
4 days, 5 hours ago |
ubuntu.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)