Rewterz Threat Advisory – Multiple VMware Products Vulnerabilities
April 6, 2022Rewterz Threat Advisory – VMware Horizon Client for Linux Vulnerabilities
April 7, 2022Rewterz Threat Advisory – Multiple VMware Products Vulnerabilities
April 6, 2022Rewterz Threat Advisory – VMware Horizon Client for Linux Vulnerabilities
April 7, 2022Severity
Medium
Analysis Summary
CVE-2022-1197
Mozilla Thunderbird could allow a remote attacker to bypass security restrictions, caused by the failure to update the existing copy of the key that was not yet revoked when importing a revoked key that specified key compromise as the revocation reason. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to ignore OpenPGP revocation information
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-1197
Affected Vendors
Mozilla
Affected Products
- Mozilla Thunderbird 91.7.0
Remediation
Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.