all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6750-1: Thunderbird vulnerabilities

Add to bookmarks
April 25, 2024, 3:24 a.m. |

Ubuntu security notices ubuntu.com

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2024-2609, CVE-2024-3852,
CVE-2024-3864)

Bartek Nowotarski discovered that Thunderbird did not properly limit HTTP/2
CONTINUATION frames. An attacker could potentially exploit this issue to
cause a denial of service. (CVE-2024-3302)

Lukas Bernhard discovered that Thunderbird …

arbitrary code attacker browsing bypass code context cross-site cve cve-2024 denial of service exploit information restrictions security security issues sensitive sensitive information service thunderbird tracing usn vulnerabilities website

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6778-1: Linux kernel vulnerabilities 2 days, 2 hours ago | ubuntu.com
attacker broadcom crash cve +20
USN-6777-1: Linux kernel vulnerabilities 2 days, 2 hours ago | ubuntu.com
attacker broadcom crash cve +20
USN-6776-1: Linux kernel vulnerabilities 2 days, 3 hours ago | ubuntu.com
attacker broadcom crash cve +20
USN-6775-1: Linux kernel vulnerabilities 2 days, 4 hours ago | ubuntu.com
attacker broadcom crash cve +20
USN-6774-1: Linux kernel vulnerabilities 2 days, 5 hours ago | ubuntu.com
attacker broadcom crash cve +18
USN-6773-1: .NET vulnerabilities 2 days, 6 hours ago | ubuntu.com
attacker code code execution cve +10
USN-6766-2: Linux kernel vulnerabilities 3 days, 4 hours ago | ubuntu.com
action attacker conditions crash +19
USN-6772-1: strongSwan vulnerability 4 days, 8 hours ago | ubuntu.com
access access controls attacker bypass +6
USN-6767-2: Linux kernel (BlueField) vulnerabilities 4 days, 10 hours ago | ubuntu.com
attacker compromise crash cve +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Security Operations Manager-West Coast

@ The Walt Disney Company | USA - CA - 2500 Broadway Street
View on infosec-jobs.com

Vulnerability Analyst - Remote (WFH)

@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
View on infosec-jobs.com

Senior Mainframe Security Administrator

@ Danske Bank | Copenhagen V, Denmark
View on infosec-jobs.com