Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Thunderbird 安全漏洞
Vulnerability Description
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Thunderbird 中存在安全漏洞,该漏洞源于产品在SMTP连接中忽略的STARTTLS的设置。攻击者可通过该漏洞访问敏感数据。以下产品及版本受到影响:Mozilla Thunderbird 91.0, 91.0.1 至 91.0.3 版本,Mozilla Thunderbird
CVSS Information
N/A
Vulnerability Type
N/A