all InfoSec news
USN-6015-1: Thunderbird vulnerabilities
April 13, 2023, 3:49 a.m. |
Ubuntu security notices ubuntu.com
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-1945, CVE-2023-29548,
CVE-2023-29550)
Paul Menzel discovered that Thunderbird did not properly validate OCSP
revocation status of recipient certificates when sending S/Mime encrypted
email. An attacker could potentially exploits this issue to perform
spoofing attack. …
attack browsing bypass certificates code context cross-site cve denial of service email encrypted exploit exploits information manage memory messages mime ocsp openpgp parsing paul restrictions security security issues sensitive information service spoofing spoofing attack team thunderbird tracing usn vulnerabilities website
More from ubuntu.com / Ubuntu security notices
USN-6757-2: PHP vulnerabilities
4 days, 16 hours ago |
ubuntu.com
USN-6762-1: GNU C Library vulnerabilities
4 days, 19 hours ago |
ubuntu.com
USN-6747-2: Firefox regressions
5 days, 4 hours ago |
ubuntu.com
USN-6760-1: Gerbv vulnerability
6 days, 9 hours ago |
ubuntu.com
LSN-0103-1: Kernel Live Patch Security Notice
6 days, 21 hours ago |
ubuntu.com
USN-6758-1: JSON5 vulnerability
6 days, 21 hours ago |
ubuntu.com
Jobs in InfoSec / Cybersecurity
Security Operations Program Manager
@ Microsoft | Redmond, Washington, United States
Sr. Network Security engineer
@ NXP Semiconductors | Bengaluru (Nagavara)
DevSecOps Engineer
@ RP Pro Services | Washington, District of Columbia, United States
Consultant RSSI H/F
@ Hifield | Sèvres, France
TW Senior Test Automation Engineer (Access Control & Intrusion Systems)
@ Bosch Group | Taipei, Taiwan
Cyber Security, Senior Manager
@ Triton AI Pte Ltd | Singapore, Singapore, Singapore