Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Scientific Linux: CVE-2012-0442 Critical: Thunderbird Remote Code Risk

Scientific Large Esm H446
Critical: thunderbird security update
Date: Wed, 1 Feb 2012 13:02:53 -0600
Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it.
Sender: Security Erratfor ScientifiLinux
 
From: This email address is being protected from spambots. You need JavaScript enabled to view it.
Subject: Security ERRATA Critical: thunderbird on SL6.i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis: Critical: thunderbird security update
IssuDate: 2012-01-31
CVE Numbers: CVE-2012-0442
 CVE-2011-3670
 CVE-2012-0449
 CVE-2011-3659

MozillThunderbird is standalonmaiand newsgrouclient.

A use-after-freflaw was found in thway Thunderbird removed
nsDOMAttributchild nodesIn certain circumstances, dutthpremature
notification of AttributeChildRemoved, malicious script could possibly
usthis flaw tcausThunderbird tcrash or, potentially, execute
arbitrary codwith thprivileges of thuser running Thunderbird.
(CVE-2011-3659)

Severaflaws werfound in thprocessing of malformed contentAn HTML
maimessagcontaining malicious content could causThunderbird tcrash
or, potentially, executarbitrary codwith thprivileges of thuser
running Thunderbird(CVE-2012-0442)

A flaw was found in thway Thunderbird parsed certain ScalablVector
Graphics (SVG) imagfiles that contained eXtensiblStylSheet Language
Transformations (XSLT)An HTML maimessagcontaining malicious SVG
imagfilcould causThunderbird tcrash or, potentially, execute
arbitrary codwith thprivileges of thuser running Thunderbird.
(CVE-2012-0449)

Thsame-origin policy in Thunderbird treated and
 as interchangeableA malicious script could possibly
usthis flaw tgain access tsensitivinformation (such as client's
IP and user e-maiaddress, or httpOnly cookies) that may bincluded in
HTTP proxy error replies, generated in responstinvalid URLs using
squarbrackets(CVE-2011-3670)

Note: ThCVE-2011-3659 and CVE-2011-3670 issues cannot bexploited by a
specially-crafted HTML maimessagas JavaScript is disabled by default
for maimessagesIt could bexploited another way in Thunderbird, for
example, when viewing thfulremotcontent of an RSS feed.

For technicadetails regarding thesflaws, refer tthMozillsecurity
advisories for Thunderbird 3.1.18.

AlThunderbird users should upgradtthesupdated packages, which
contain Thunderbird version 3.1.18, which corrects thesissuesAfter
installing thupdate, Thunderbird must brestarted for thchanges to
takeffect.

SL6:
 i386
 thunderbird-3.1.18-1.el6_2.i686.rpm
 thunderbird-debuginfo-3.1.18-1.el6_2.i686.rpm
 x86_64
 thunderbird-3.1.18-1.el6_2.x86_64.rpm
 thunderbird-debuginfo-3.1.18-1.el6_2.x86_64.rpm

- ScientifiLinuDevelopment Team