Oval Definition:oval:com.ubuntu.cosmic:def:2018185090000000
Revision Date:2019-04-26Version:1
Title:CVE-2018-18509 on Ubuntu 18.10 (cosmic) - medium.
Description:A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content. This vulnerability affects Thunderbird < 60.5.1.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-18509
Platform(s):Ubuntu 18.10
Product(s):
Definition Synopsis
  • Ubuntu 18.10 (cosmic) is installed.
  • AND thunderbird package in cosmic was vulnerable but has been fixed (note: '1:60.5.1+build2-0ubuntu0.18.10.1').
  • BACK