Arbitrary Attachment Name Spoofing Vulnerability in Thunderbird ESR < 52.8 and Thunderbird < 52.8
CVE-2018-5170 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
Learn more about our User Device Pen Test.