Ubuntu 1369-1: Thunderbird vulnerabilities

    Date17 Feb 2012
    CategoryUbuntu
    45
    Posted ByLinuxSecurity Advisories
    Several security issues were fixed in Thunderbird.
    ==========================================================================
    Ubuntu Security Notice USN-1369-1
    February 17, 2012
    
    thunderbird vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 11.10
    
    Summary:
    
    Several security issues were fixed in Thunderbird.
    
    Software Description:
    - thunderbird: Mozilla Open Source mail and newsgroup client
    
    Details:
    
    Nicolas Gregoire and Aki Helin discovered that when processing a malformed
    embedded XSLT stylesheet, Thunderbird can crash due to memory corruption.
    If the user were tricked into opening a specially crafted page, an attacker
    could exploit this to cause a denial of service via application crash, or
    potentially execute code with the privileges of the user invoking
    Thunderbird. (CVE-2012-0449)
    
    It was discovered that memory corruption could occur during the decoding of
    Ogg Vorbis files. If the user were tricked into opening a specially crafted
    file, an attacker could exploit this to cause a denial of service via
    application crash, or potentially execute code with the privileges of the
    user invoking Thunderbird. (CVE-2012-0444)
    
    Tim Abraldes discovered that when encoding certain image types the
    resulting data was always a fixed size. There is the possibility of
    sensitive data from uninitialized memory being appended to these images.
    (CVE-2012-0447)
    
    It was discovered that Thunderbird did not properly perform XPConnect
    security checks. An attacker could exploit this to conduct cross-site
    scripting (XSS) attacks through web pages and Thunderbird extensions. With
    cross-site scripting vulnerabilities, if a user were tricked into viewing a
    specially crafted page, a remote attacker could exploit this to modify the
    contents, or steal confidential data, within the same domain.
    (CVE-2012-0446)
    
    It was discovered that Thunderbird did not properly handle node removal in
    the DOM. If the user were tricked into opening a specially crafted page, an
    attacker could exploit this to cause a denial of service via application
    crash, or potentially execute code with the privileges of the user invoking
    Thunderbird. (CVE-2011-3659)
    
    Alex Dvorov discovered that Thunderbird did not properly handle sub-frames
    in form submissions. An attacker could exploit this to conduct phishing
    attacks using HTML5 frames. (CVE-2012-0445)
    
    Ben Hawkes, Christian Holler, Honza Bombas, Jason Orendorff, Jesse
    Ruderman, Jan Odvarko, Peter Van Der Beken, Bob Clary, and Bill McCloskey
    discovered memory safety issues affecting Thunderbird. If the user were
    tricked into opening a specially crafted page, an attacker could exploit
    these to cause a denial of service via application crash, or potentially
    execute code with the privileges of the user invoking Thunderbird.
    (CVE-2012-0442, CVE-2012-0443)
    
    Andrew McCreight and Olli Pettay discovered a use-after-free vulnerability
    in the XBL bindings. An attacker could exploit this to cause a denial of
    service via application crash, or potentially execute code with the
    privileges of the user invoking Thunderbird. (CVE-2012-0452)
    
    Jueri Aedla discovered that libpng, which is in Thunderbird, did not
    properly verify the size used when allocating memory during chunk
    decompression. If a user or automated system using libpng were tricked into
    opening a specially crafted image, an attacker could exploit this to cause
    a denial of service or execute code with the privileges of the user
    invoking the program. (CVE-2011-3026)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 11.10:
      thunderbird                     10.0.2+build1-0ubuntu0.11.10.1
    
    After a standard system update you need to restart Thunderbird to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-1369-1
      CVE-2011-3659, CVE-2012-0442, CVE-2012-0443, CVE-2012-0444,
      CVE-2012-0445, CVE-2012-0446, CVE-2012-0447, CVE-2012-0449,
      CVE-2012-0452, https://launchpad.net/bugs/923372, https://launchpad.net/bugs/929964, https://launchpad.net/bugs/933382
    
    Package Information:
      https://launchpad.net/ubuntu/+source/thunderbird/10.0.2+build1-0ubuntu0.11.10.1
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":50,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.1,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"28","type":"x","order":"3","pct":35.9,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.