Rewterz Threat Advisory – Mozilla Thunderbird SMTP server response codes buffer overflow

Rewterz Threat Alert – Multi-Vector Miner and Tsunami Botnet with SSH Lateral Movement

December 2, 2020

Rewterz Threat Alert – Turla APT Group Targeting European Union

December 3, 2020

Rewterz Threat Advisory – Mozilla Thunderbird SMTP server response codes buffer overflow

Severity

High

Analysis Summary

CVE-2020-26970

Mozilla Thunderbird is vulnerable to a stack-based buffer overflow, caused by improper parsing of SMTP server response codes. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the client to crash.

Impact

Gain access

Affected Vendors

Mozilla

Affected Products

Mozilla Thunderbird 78.5

Remediation

Refer to Mozilla Foundation Security Advisory 2020-53 for patch, upgrade or suggested workaround information.

https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/

Rewterz Threat Alert – Multi-Vector Miner and Tsunami Botnet with SSH Lateral Movement

Rewterz Threat Alert – Turla APT Group Targeting European Union

Rewterz Threat Advisory – Mozilla Thunderbird SMTP server response codes buffer overflow

Severity

Analysis Summary

CVE-2020-26970

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan