Rewterz

Rewterz Threat Alert – Multi-Vector Miner and Tsunami Botnet with SSH Lateral Movement

December 2, 2020
Rewterz

Rewterz Threat Alert – Turla APT Group Targeting European Union

December 3, 2020

Rewterz Threat Advisory – Mozilla Thunderbird SMTP server response codes buffer overflow

Severity

High

Analysis Summary

CVE-2020-26970

Mozilla Thunderbird is vulnerable to a stack-based buffer overflow, caused by improper parsing of SMTP server response codes. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the client to crash.

Impact

Gain access

Affected Vendors

Mozilla

Affected Products

Mozilla Thunderbird 78.5

Remediation

Refer to Mozilla Foundation Security Advisory 2020-53 for patch, upgrade or suggested workaround information.

https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.