Bug 2092416 (CVE-2022-1834)
| Summary: | CVE-2022-1834 Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, jhorak, nobody, stransky, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | thunderbird 91.10 | Doc Type: | --- |
| Doc Text: |
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird displays all spaces. This flaw allows an attacker to send an email message with the attacker's digital signature that shows an arbitrary sender email address chosen by the attacker. If the sender's name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if Thunderbird accepted the signing key or certificate, the email was shown as having a valid digital signature.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-06-03 20:42:52 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2089665, 2089666, 2089667, 2089669, 2089670, 2089671, 2089672, 2089673, 2089674, 2091924 | ||
| Bug Blocks: | 2089662 | ||
|
Description
Mauro Matteo Cascella
2022-06-01 13:49:17 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:4889 https://access.redhat.com/errata/RHSA-2022:4889 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:4891 https://access.redhat.com/errata/RHSA-2022:4891 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:4888 https://access.redhat.com/errata/RHSA-2022:4888 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:4887 https://access.redhat.com/errata/RHSA-2022:4887 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:4892 https://access.redhat.com/errata/RHSA-2022:4892 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:4890 https://access.redhat.com/errata/RHSA-2022:4890 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-1834 |