vulnerability
Oracle Linux: CVE-2023-4051: ELSA-2023-4945: thunderbird security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Aug 29, 2023 | Sep 5, 2023 | Dec 3, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Aug 29, 2023
Added
Sep 5, 2023
Modified
Dec 3, 2025
Description
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.
The Mozilla Foundation Security Advisory describes this flaw as:
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks.
The Mozilla Foundation Security Advisory describes this flaw as:
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks.
Solutions
oracle-linux-upgrade-firefoxoracle-linux-upgrade-firefox-x11oracle-linux-upgrade-thunderbird
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.