Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2021-29969 | First vendor Publication | 2021-08-05 |
Vendor | Cve | Last vendor Modification | 2022-12-09 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | |||
---|---|---|---|
Overall CVSS Score | 5.9 | ||
Base Score | 5.9 | Environmental Score | 5.9 |
impact SubScore | 3.6 | Temporal Score | 5.9 |
Exploitabality Sub Score | 2.2 | ||
Attack Vector | Network | Attack Complexity | High |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | None | Availability Impact | None |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-552 | Files or Directories Accessible to External Parties |
CPE : Common Platform Enumeration
Sources (Detail)
Source | Url |
---|---|
GENTOO | https://security.gentoo.org/glsa/202208-14 |
MISC | https://bugzilla.mozilla.org/show_bug.cgi?id=1682370 https://www.mozilla.org/security/advisories/mfsa2021-30/ |
Alert History
Date | Informations |
---|---|
2024-02-02 02:24:48 |
|
2024-02-01 12:23:34 |
|
2023-09-05 13:19:06 |
|
2023-09-05 01:23:06 |
|
2023-09-02 13:17:44 |
|
2023-09-02 01:23:27 |
|
2023-08-12 13:23:45 |
|
2023-08-12 01:22:39 |
|
2023-08-11 13:16:04 |
|
2023-08-11 01:23:23 |
|
2023-08-06 13:14:05 |
|
2023-08-06 01:22:24 |
|
2023-08-04 13:14:28 |
|
2023-08-04 01:22:44 |
|
2023-07-14 13:14:29 |
|
2023-07-14 01:22:33 |
|
2023-03-29 02:16:42 |
|
2023-03-28 12:22:47 |
|
2022-12-10 00:27:39 |
|
2022-10-11 13:06:32 |
|
2022-10-11 01:22:18 |
|
2022-08-11 00:43:24 |
|
2021-08-12 21:23:16 |
|
2021-08-06 00:22:48 |
|