Rocky Linux: CVE-2023-32207: thunderbird (Multiple Advisories)

Rocky Linux: CVE-2023-32207: thunderbird (Multiple Advisories)

Severity

9

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

06/02/2023

Created

03/07/2024

Added

03/05/2024

Modified

01/28/2025

Description

A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Solution(s)

• rocky-upgrade-firefox
• rocky-upgrade-firefox-debuginfo
• rocky-upgrade-firefox-debugsource
• rocky-upgrade-thunderbird
• rocky-upgrade-thunderbird-debuginfo
• rocky-upgrade-thunderbird-debugsource

References

• https://attackerkb.com/topics/cve-2023-32207
• CVE - 2023-32207
• https://errata.rockylinux.org/RLSA-2023:3220
• https://errata.rockylinux.org/RLSA-2023:3221