{"containers": {"cna": {"affected": [{"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "78.9.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1."}], "problemTypes": [{"descriptions": [{"description": "Thunderbird might execute an alternative OTR library", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-24T13:18:52", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-13/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682101"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29949", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "78.9.1"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Thunderbird might execute an alternative OTR library"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2021-13/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-13/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682101", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682101"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:18:03.263Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-13/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682101"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29949", "datePublished": "2021-06-24T13:18:52", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:18:03.263Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "717003F7-C1B4-4A52-A10F-13DB37ED1FCE", "versionEndExcluding": "78.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1."}, {"lang": "es", "value": "Cuando se carga la biblioteca compartida que proporciona la implementaci\u00f3n del protocolo OTR, Thunderbird intentar\u00e1 inicialmente abrirla usando un nombre de archivo que no es distribuido por Thunderbird. Si un ordenador ya ha sido infectado con una biblioteca maliciosa con el nombre de archivo alternativo, y la biblioteca maliciosa ha sido copiada a un directorio que est\u00e1 contenido en la ruta de b\u00fasqueda de bibliotecas ejecutables, entonces Thunderbird cargar\u00e1 la biblioteca incorrecta. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 78.9.1"}], "id": "CVE-2021-29949", "lastModified": "2021-06-30T17:59:05.680", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-24T14:15:09.887", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682101"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-13/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Tuan Vu Pham as the original reporter.", "affected_release": [{"advisory": "RHSA-2021:1192", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:78.9.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-04-14T00:00:00Z"}, {"advisory": "RHSA-2021:1193", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:78.9.1-1.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-04-14T00:00:00Z"}, {"advisory": "RHSA-2021:1190", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "thunderbird-0:78.9.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-04-14T00:00:00Z"}, {"advisory": "RHSA-2021:1201", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:78.9.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-04-14T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Thunderbird might execute an alternative OTR library", "id": "1951872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951872"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-426", "details": ["When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1."], "name": "CVE-2021-29949", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2021-04-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-29949\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-29949"], "threat_severity": "Low", "upstream_fix": "thunderbird 78.9.1"}