CVE-2017-7848
published 2018-06-11CVE-2017-7848: RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
medium5.3CVSS 3.0
AVNACLPRNUINSUCNILAN
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | thunderbird | < thunderbird 1:52.5.2-1 (bookworm) | thunderbird 1:52.5.2-1 (bookworm) |
| mozilla | thunderbird | < 52.5.2 | 52.5.2 |
| mozilla | thunderbird | >= 0 < 1:52.5.2-1 | 1:52.5.2-1 |
| mozilla | thunderbird | >= 0 < 1:52.5.2-1 | 1:52.5.2-1 |
| mozilla | thunderbird | >= 0 < 1:52.5.2-1 | 1:52.5.2-1 |
| mozilla | thunderbird | >= 0 < 1:52.5.2-1 | 1:52.5.2-1 |
| mozilla | thunderbird | >= 0 < 1:52.6.0+build1-0ubuntu0.14.04.1 | 1:52.6.0+build1-0ubuntu0.14.04.1 |
| mozilla | thunderbird | >= 0 < 1:52.6.0+build1-0ubuntu0.16.04.1 | 1:52.6.0+build1-0ubuntu0.16.04.1 |
| mozilla | thunderbird | >= unspecified < 52.5.2 | 52.5.2 |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
osv5.3MEDIUM