CVE-2023-50761

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 19, 2023

Updated: Dec 29, 2023

Summary

CVE-2023-50761 is a vulnerability in Thunderbird email client versions prior to 115.6. It allows an attacker to manipulate the signature creation date and time of a digitally signed S/MIME email message without Thunderbird verifying the consistency between the signature and message dates. Consequently, the email may be displayed with a valid signature despite a significant date or time discrepancy. This could potentially deceive recipients into believing that a message was sent at a different date than actual.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mozilla Thunderbird
Debian

Affected Vendors

Mozilla
Debian

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tx_HGS
https://www.cve.org/CVERecord?id=CVE-2023-50761
https://nvd.nist.gov/vuln/detail/CVE-2023-50761

Back to Vulnerability Database