Home / Early Warning / Vulnerabilidades / CVE-2021-43542

CVE-2021-43542

Type: 
Unavailable / Other
Severity: 
Medium
Publication date: 
12/08/2021
Last modified: 
03/16/2022
Description
Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
Explanation of fields