CVE-2021-29957 Information

Jun 07, 2022 cve

Description

If a MIME encoded email contains an OpenPGP inline signed or encrypted message part but also contains an additional unprotected part Thunderbird did not indicate that only parts of the message are protected. This vulnerability affects Thunderbird < 78.10.2.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Reference

https://www.mozilla.org/security/advisories/mfsa2021-22/ https://bugzilla.mozilla.org/show_bug.cgi?id=1673241

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

4.3

Share on: