1. Home
  2. Vulnerabilities
  3. CVE-2017-7829

CVE-2017-7829

CVSS v3.0 5.3 (Medium)
53% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.32 % (71th)
0.32% Progress
Affected Products 8
Advisories 9
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.

Weaknesses
CWE-20
Improper Input Validation
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2018-06-11 21:29:11
(6 years ago)
Updated Date
2018-08-07 12:28:12
(6 years ago)

Affected Products

Canonical

Debian

Mozilla

Redhat

Configuration #1

    CPE23 From Up To
  Mozilla Thunderbird prior 52.5.2 version cpe:2.3:a:mozilla:thunderbird < 52.5.2

Configuration #2

    CPE23 From Up To
  Redhat Enterprise Linux Aus 7.4 cpe:2.3:o:redhat:enterprise_linux_aus:7.4
  Redhat Enterprise Linux Desktop 6.0 cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  Redhat Enterprise Linux Desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  Redhat Enterprise Linux Eus 7.4 cpe:2.3:o:redhat:enterprise_linux_eus:7.4
  Redhat Enterprise Linux Eus 7.5 cpe:2.3:o:redhat:enterprise_linux_eus:7.5
  Redhat Enterprise Linux Server 6.0 cpe:2.3:o:redhat:enterprise_linux_server:6.0
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0
  Redhat Enterprise Linux Workstation 6.0 cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
  Redhat Enterprise Linux Workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #3

    CPE23 From Up To
  Debian Linux 7.0 cpe:2.3:o:debian:debian_linux:7.0
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0

Configuration #4

    CPE23 From Up To
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 17.10 cpe:2.3:o:canonical:ubuntu_linux:17.10