CNNVD-202506-1596 Information
CNNVD ID
CNNVD-202506-1596
Related CVE
- CNNVD Published: 2025-06-11
Description (Chinese)
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Thunderbird 128.11.1之前版本和139.0.2之前版本存在安全漏洞,该漏洞源于自动下载行为,可能导致磁盘填充或凭据泄露。
Description (English)
Mozilla Thunderbird is an independent e-mail client from Mozilla Application Suite of the Mozilla Foundation in the United States. The software supports IMAP, POP mail protocols and HTML mail formats. There is a security loophole in the previous version of Mozilla Thunderbird 128.11.1 and the previous version of 139.0.2, which stems from automatic downloading and may lead to disk filling or leaking evidence.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mozilla
Published
2025-06-11
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-50/ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1958580%2C1968012 https://www.mozilla.org/security/advisories/mfsa2025-49/ https://nvd.nist.gov/vuln/detail/CVE-2025-5986
Patch
https://www.thunderbird.net/zh-CN/download/
Share on: