Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2021-4129): Thunderbird vulnerabilities

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2021-4129): Thunderbird vulnerabilities



Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-5248-1:

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code. (CVE-2021-4129,CVE-2021-4140,CVE-2021-29981,CVE-2021-29982, CVE-2021-29987,CVE-2021-29991,CVE-2021-38495,CVE-2021-38496, CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501, CVE-2021-38503,CVE-2021-38504,CVE-2021-38506,CVE-2021-38507, CVE-2021-38508,CVE-2021-38509,CVE-2021-43534,CVE-2021-43535, CVE-2021-43536,CVE-2021-43537,CVE-2021-43538,CVE-2021-43539, CVE-2021-43541,CVE-2021-43542,CVE-2021-43543,CVE-2021-43545, CVE-2021-43656,CVE-2022-22737,CVE-2022-22738,CVE-2022-22739, CVE-2022-22740,CVE-2022-22741,CVE-2022-22742,CVE-2022-22743, CVE-2022-22745,CVE-2022-22747,CVE-2022-22748,CVE-2022-22751)

It was discovered that Thunderbird ignored the configuration to require STARTTLS for an SMTP connection. A person-in-the-middle could potentially exploit this to perform a downgrade attack in order to intercept messages or take control of a session. (CVE-2021-38502)

It was discovered that JavaScript was unexpectedly enabled in the composition area. An attacker could potentially exploit this in combination with another vulnerability, with unspecified impacts. (CVE-2021-43528)

A buffer overflow was discovered in the Matrix chat library bundled with Thunderbird. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-44538)

It was discovered that Thunderbird's OpenPGP integration only considered the inner signed message when checking signature validity in a message that contains an additional outer MIME layer. An attacker could potentially exploit this to trick the user into thinking that a message has a valid signature. (CVE-2021-4126)


  • ubuntu-upgrade-thunderbird

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center