2018-06-11 21:00:00
mozilla
PUBLISHED
It is possible to spoof the senders email address and display an arbitrary sender address to the email recipient. The real senders address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.