certfr_avis - CERTFR-2023-AVI-0595

CERTFR-2023-AVI-0595

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Mozilla Thunderbird. Elle permet à un attaquant de provoquer une exécution de code arbitraire et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Mozilla	Thunderbird	Mozilla Thunderbird versions antérieures à 102.13.1

References

Title

Publication Time

CVE-2023-3417 (GCVE-0-2023-3417)

Vulnerability from cvelistv5 – Published: 2023-07-24 10:09 – Updated: 2025-02-13 16:55

Summary

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.

Severity ?

No CVSS data available.

CWE

File Extension Spoofing using the Text Direction Override Character

Assigner

mozilla

References

URL

Tags

	https://bugzilla.mozilla.org/show_bug.cgi?id=1835582
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.mozilla.org/security/advisories/mfsa2…
	https://www.debian.org/security/2023/dsa-5463
	https://lists.debian.org/debian-lts-announce/2023…

Impacted products

Vendor

Product

Version

Mozilla

Thunderbird

Affected: unspecified , < 115.0.1 (custom)

Mozilla

Thunderbird

Affected: unspecified , < 102.13.1 (custom)

Credits

이준성 (Junsung Lee)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:55:03.371Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1835582"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-27/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-28/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5463"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00032.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3417",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T18:54:00.544708Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T18:54:26.256Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "115.0.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.13.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "\uc774\uc900\uc131 (Junsung Lee)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in  fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird \u003c 115.0.1 and Thunderbird \u003c 102.13.1."
            }
          ],
          "value": "Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in  fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird \u003c 115.0.1 and Thunderbird \u003c 102.13.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "File Extension Spoofing using the Text Direction Override Character",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-31T03:06:07.712Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1835582"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-27/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-28/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5463"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00032.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2023-3417",
    "datePublished": "2023-07-24T10:09:37.591Z",
    "dateReserved": "2023-06-26T17:25:53.967Z",
    "dateUpdated": "2025-02-13T16:55:20.883Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted