Home > Vulnerability Database > CVE-2023-0616

Mend.io Vulnerability Database

CVE-2023-0616

Date: June 2, 2023

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.

Language: JS

Severity Score

8.1

Related Resources (8)

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2023-0616

Url: https://www.mozilla.org/security/advisories/mfsa2023-07/

Url: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0616

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1806507

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-0616

Url: https://security-tracker.debian.org/tracker/CVE-2023-0616

Url: https://access.redhat.com/security/cve/CVE-2023-0616

Url: https://www.mend.io/vulnerability-database/CVE-2023-0616

Severity Score

8.1

Weakness Type (CWE)

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-0616

Date: June 2, 2023

Language: JS

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?