Medium
Mozilla Thunderbird could allow a remote attacker to bypass security restrictions, caused by the failure to update the existing copy of the key that was not yet revoked when importing a revoked key that specified key compromise as the revocation reason. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to ignore OpenPGP revocation information
Mozilla
Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.