USN-5824-1

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45418, CVE-2022-45420, CVE-2022-45421, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881, CVE-2022-46882, CVE-2023-23605)

Armin Ebert discovered that Thunderbird did not properly manage memory while resolving file symlink. If a user were tricked into opening a specially crafted weblink, an attacker could potentially exploit these to cause a denial of service. (CVE-2022-45412)

Sarah Jamie Lewis discovered that Thunderbird did not properly manage network request while handling HTML emails with certain tags. If a user were tricked into opening a specially HTML email, an attacker could potentially exploit these issue and load remote content regardless of a configuration to block remote content. (CVE-2022-45414)

Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that Thunderbird incorrectly handled keyboard events. An attacker could possibly use this issue to perform a timing side-channel attack and possibly figure out which keys are being pressed. (CVE-2022-45416)

It was discovered that Thunderbird was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Thunderbird. (CVE-2022-46871)

Nika Layzell discovered that Thunderbird was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872)

Matthias Zoellner discovered that Thunderbird was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly use this...