Unrated severityNVD Advisory· Published Dec 19, 2023· Updated Feb 13, 2025
CVE-2023-50761
CVE-2023-50761
Description
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time. This vulnerability affects Thunderbird < 115.6.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7<115.6+ 1 more
- (no CPE)range: <115.6
- (no CPE)range: unspecified
- osv-coords5 versionspkg:rpm/almalinux/thunderbirdpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5
< 115.6.0-1.el9_3.alma+ 4 more
- (no CPE)range: < 115.6.0-1.el9_3.alma
- (no CPE)range: < 115.6.0-150200.8.142.2
- (no CPE)range: < 115.6.0-1.1
- (no CPE)range: < 115.6.0-150200.8.142.2
- (no CPE)range: < 115.6.0-150200.8.142.2
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.