SciLinux: CVE-2009-0689 Moderate: thunderbird SL4.x, SL5.x i386/x86_64
Summary
CVE-2009-3380 CVE-2009-3979 CVE-2010-0159Several flaws were found in the processing of malformed HTML mailcontent. An HTML mail message containing malicious content could causeThunderbird to crash or, potentially, execute arbitrary code with theprivileges of the user running Thunderbird. (CVE-2009-2462,CVE-2009-2463, CVE-2009-2466, CVE-2009-3072, CVE-2009-3075,CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)A use-after-free flaw was found in Thunderbird. An attacker could usethis flaw to crash Thunderbird or, potentially, execute arbitrary codewith the privileges of the user running Thunderbird. (CVE-2009-3077)A heap-based buffer overflow flaw was found in the Thunderbird string tofloating point conversion routines. An HTML mail message containingmalicious JavaScript could crash Thunderbird or, potentially, executearbitrary code with the privileges of the user running Thunderbird.(CVE-2009-0689)A use-after-free flaw was found in Thunderbird. Under low memoryconditions, viewing an HTML mail message containing malicious contentcould result in Thunderbird executing arbitrary code with the privilegesof the user running Thunderbird. (CVE-2009-1571)A flaw was found in the way Thunderbird created temporary file names fordownloaded files. If a local attacker knows the name of a fileThunderbird is going to download, they can replace the contents of thatfile with arbitrary contents. (CVE-2009-3274)A flaw was found in the way Thunderbird displayed a right-to-leftoverride character when downloading a file. In these cases, the namedisplayed in the title bar differed from the name displayed in thedialog body. An attacker could use this flaw to trick a user intodownloading a file that has a file name or extension that is differentfrom what the user expected. (CVE-2009-3376)A flaw was found in the way Thunderbird processed SOCKS5 proxy replies.A malicious SOCKS5 server could send a specially-crafted reply thatwould cause Thunderbird to crash. (CVE-2009-2470)Descriptions in the dialogs when adding and removing PKCS #11 moduleswere not informative. An attacker able to trick a user into installing amalicious PKCS #11 module could use this flaw to install their ownCertificate Authority certificates on a user's machine, making itpossible to trick the user into believing they are viewing trustedcontent or, potentially, execute arbitrary code with the privileges ofthe user running Thunderbird. (CVE-2009-3076)All running instances of Thunderbird must be restarted for the update totake effect.