CVE-2020-6795
Summary
| CVE | CVE-2020-6795 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2020-03-02 05:15:00 UTC |
|---|
| Updated | 2020-03-14 19:15:00 UTC |
|---|
| Description | When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Mozilla Thunderbird: Multiple vulnerabilities (GLSA 202003-10) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| USN-4328-1: Thunderbird vulnerabilities | Ubuntu security notices | Ubuntu |
UBUNTU |
usn.ubuntu.com |
|
| 1611105 - (CVE-2020-6795) TB crashes during opening s/mime signed mail from mailman mailinglist |
MISC |
bugzilla.mozilla.org |
Permissions Required |
| USN-4335-1: Thunderbird vulnerabilities | Ubuntu security notices |
UBUNTU |
usn.ubuntu.com |
|
| Security Vulnerabilities fixed in Thunderbird 68.5 — Mozilla |
MISC |
www.mozilla.org |
Vendor Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 296076 Oracle Solaris 11.4 Support Repository Update (SRU) 19.3.0 Missing (CPUJAN2020)
- 377039 Alibaba Cloud Linux Security Update for thunderbird (ALINUX2-SA-2020:0025)
- 502371 Alpine Linux Security Update for thunderbird
