Showing 1 - 9 of 9

CVE-2020-6794

Status Candidate

Overview

If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Thunderbird < 68.5.

Related Files

Ubuntu Security Notice USN-4335-1: Posted Apr 22, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4335-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary, xss; systems | linux, ubuntu; advisories | CVE-2019-11745, CVE-2019-11755, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903, CVE-2019-17005, CVE-2019-17008, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2020-6792, CVE-2020-6794, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814, CVE-2020-6821, CVE-2020-6822, CVE-2020-6825; SHA-256 | 5b0f96c8e531ef4c9797c7c8b829d69de481a70cc62c8097c6bd38d1c1677453; Download | Favorite | View

Ubuntu Security Notice USN-4328-1: Posted Apr 13, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4328-1 - It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-20503, CVE-2020-6792, CVE-2020-6794, CVE-2020-6795, CVE-2020-6805, CVE-2020-6806, CVE-2020-6811, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6822; SHA-256 | f88fa78052414e963031d9b8353b20e056a0314a78805983ab7a4b73b4fa4c5c; Download | Favorite | View

Gentoo Linux Security Advisory 202003-10: Posted Mar 14, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202003-10 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.6.0 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2019-11745, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-20503, CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814; SHA-256 | 2bd6c6d0e9248abe6d1894cda6c23b4295f3ce1bc21529d3a5ffdc34d8150bbd; Download | Favorite | View

Red Hat Security Advisory 2020-0576-01: Posted Feb 25, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0576-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800; SHA-256 | 978c1b0b59479617849e1dae241a04727b4528b0656bd8755d3b6277b6d7f915; Download | Favorite | View

Red Hat Security Advisory 2020-0574-01: Posted Feb 25, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0574-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800; SHA-256 | 1cec59a9d56cb85f669867c729230ee3a37df94d027fa1ba9300b54e466cfb09; Download | Favorite | View

Red Hat Security Advisory 2020-0577-01: Posted Feb 25, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0577-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800; SHA-256 | ea3f90f26563835e30c91b8bfd293fece5cdb34be413d5dc305859e058425b0b; Download | Favorite | View

Red Hat Security Advisory 2020-0565-01: Posted Feb 21, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0565-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0. Memory safety issues and various other vulnerabilities have been addressed.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800; SHA-256 | 3ab5bdb88120ae5e4fd89544676111763fc17ab8b4c152f64e39e5f2995c8764; Download | Favorite | View

Debian Security Advisory 4625-1: Posted Feb 17, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4625-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800; SHA-256 | 1885d99d6dbbcf1544713feb0901f8b29d07769bd3ff310279c79c7316273a52; Download | Favorite | View

Slackware Security Advisory - mozilla-thunderbird Updates: Posted Feb 14, 2020; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6797, CVE-2020-6798, CVE-2020-6800; SHA-256 | 99f04b86268fb22a08e70ff9ef4ddfd161a7f6189c3363589e59d22f54fc13a5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 317 files
Ubuntu 66 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 8 files
Google Security Research 6 files
Milad Karimi 6 files
Yevhenii Butenko 4 files
Jann Horn 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,025)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,477)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,700)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,478)
UNIX (9,394)
UnixWare (187)
Windows (6,653)
Other

CVE-2020-6794

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems