Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code.

For Debian 8 'Jessie', these problems have been fixed in version 1:68.7.0-1~deb8u1.

We recommend that you upgrade your thunderbird packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Detections

Analytics

Debian DLA-2172-1 : thunderbird security update

critical Nessus Plugin ID 135495

Version 1.9

Version 1.8

Version 1.8

Version 1.9 Mar 18, 2024, 3:10 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CVSSv2 score source (set to "CVE-2020-6825") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202403181510
Version 1.8 Dec 6, 2022, 1:01 AM Reference Plugin Feed: 202212060101
Version 1.8 Mar 18, 2024, 1:04 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CVSSv2 score source (set to "CVE-2020-6825") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202403181304