![]() Select your version from the list below to see the release notes for it. An adversary could potentially cause data integrity issues by sending specially crafted messages. Firefox release notes are specific to each version of the application. Thunderbird users who use the Matrix chat protocol were vulnerable to a data corruption issue. #CVE-2022-39236: Matrix SDK bundled with Thunderbird vulnerable to a data corruption issue Reporter None Impact moderate Description Additionally, a malicious key backup to the user's account under certain unusual conditions in order to exfiltrate message keys. An adversary could spoof historical messages from other users. Thunderbird users who use the Matrix chat protocol were vulnerable to an impersonation attack. Albrecht and Dan Jones from the Information Security Group at Royal Holloway University London, Benjamin Dowling from Security of Advanced Systems Group, University of Sheffield and SofĂa Celi from Brave Software Impact high Description #CVE-2022-39251: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack Reporter Martin R. A malicious server administrator could interfere with cross-device verification to authenticate their own device. ![]() ![]() #CVE-2022-39250: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack Reporter Martin R. A malicious server administrator could fake encrypted messages to look as if they were sent from another user on that server. #CVE-2022-39249: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators Reporter Martin R. Mozilla Foundation Security Advisory 2022-43 Security Vulnerabilities fixed in Thunderbird 102.3.1 Announced SeptemImpact high Products Thunderbird Fixed in
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |