Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Thunderbird.
Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client
Details:
Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon
Coppeard discovered multiple memory safety issues in Thunderbird. If a
user were tricked in to opening a specially crafted message with scripting
enabled, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Thunderbird. (CVE-2014-1574)
Atte Kettunen discovered a buffer overflow during CSS manipulation. If a
user were tricked in to opening a specially crafted message, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Thunderbird. (CVE-2014-1576)
Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a
user were tricke...
The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: thunderbird 1:31.2.0+build2-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: thunderbird 1:31.2.0+build2-0ubuntu0.12.04.1 After a standard system update you need to restart Thunderbird to make all the necessary changes.
https://ubuntu.com/security/notices/USN-2373-1
CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578,
CVE-2014-1581, CVE-2014-1585, CVE-2014-1586
Get the latest Linux and open source security news straight to your inbox.