Showing 1 - 10 of 10

CVE-2022-45414

Status Candidate

Overview

If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.

Related Files

Ubuntu Security Notice USN-5824-1: Posted Feb 6, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5824-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2022-45403, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-45414, CVE-2022-45416, CVE-2022-45420, CVE-2022-45421, CVE-2022-46871, CVE-2022-46872, CVE-2022-46874; SHA-256 | 81782ffc0ab62b78ae676ec823ae25c5a4f536fbe51970837da19909f9a4ca01; Download | Favorite | View

Debian Security Advisory 5303-1: Posted Dec 19, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5303-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure.; tags | advisory, arbitrary, info disclosure; systems | linux, debian; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 6a68d09cb97ada3f07f5a471f0b3bd3767cbb42e4898f1c3080317955786cd7d; Download | Favorite | View

Red Hat Security Advisory 2022-9075-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9075-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 3f23d76e9f2db03c5a989102bdca52c70c506d81769e53e92f70300821007e16; Download | Favorite | View

Red Hat Security Advisory 2022-9076-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9076-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 01e39f3e2bbfec7bec71b50ca4b4cfe3dc9f3259f567f41af28ca6cbe7cc030a; Download | Favorite | View

Red Hat Security Advisory 2022-9074-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9074-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 5972e86ad1a3f62e2038dbe2a2cbcf7a3b3b35e8eda63544078cf9e28fdf3050; Download | Favorite | View

Red Hat Security Advisory 2022-9078-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9078-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 03986d18865b9e7a2e40b2d7a39b4b39d4241d621760e58392895cb8c205558b; Download | Favorite | View

Red Hat Security Advisory 2022-9080-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9080-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 21c2264991f1b4cd0be914ced92250c1cac82e9d0d976020c299e327249507de; Download | Favorite | View

Red Hat Security Advisory 2022-9081-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9081-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 5182332b8095fae04e7b9b7ebcc4c2fb936a3d834346baf5aaa3c78a79525fb1; Download | Favorite | View

Red Hat Security Advisory 2022-9079-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9079-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 9f18c1956bd51b0c0ec62450a5c214385d893167c293e8e0c18e69c13496bf73; Download | Favorite | View

Red Hat Security Advisory 2022-9077-01: Posted Dec 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-9077-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-45414, CVE-2022-46872, CVE-2022-46874, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882; SHA-256 | 5f03e6db1f55141bbc88868d9b1c50f6d3e9a46061691fde462da31d4deb61eb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 240 files
indoushka 87 files
Ubuntu 85 files
Debian 22 files
LiquidWorm 21 files
Gentoo 8 files
Google Security Research 8 files
malvuln 5 files
Seth Jenkins 4 files
Emiliano Febbi 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,147)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,669)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,125)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,946)
UNIX (9,470)
UnixWare (188)
Windows (6,784)
Other

CVE-2022-45414

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems