[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256148

 
 

909

 
 

199106

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Memory corruption when processing S/MIME messages - CVE-2021-43527

ID: oval:org.secpod.oval:def:98114Date: (C)2024-02-19   (M)2024-02-19
Class: VULNERABILITYFamily: windows




Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

Platform:
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10
Microsoft Windows 11
Product:
Mozilla Thunderbird
Reference:
CVE-2021-43527
CVE    1
CVE-2021-43527
CPE    2
cpe:/a:mozilla:thunderbird:::x64
cpe:/a:mozilla:thunderbird:::x86

© SecPod Technologies