[USN-1122-1] Thunderbird vulnerabilities
Posted on 05 May 2011
==========================================================================
Ubuntu Security Notice USN-1122-1
May 05, 2011
thunderbird vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

Thunderbird could be made to run programs as your login if it opened
specially crafted mail.

Software Description:
- thunderbird: mail/news client with RSS and integrated spam filter support

Details:

It was discovered that there was a vulnerability in the memory handling of
certain types of content. An attacker could exploit this to possibly run
arbitrary code as the user running Thunderbird. (CVE-2011-0081)

It was discovered that Thunderbird incorrectly handled certain JavaScript
requests. If JavaScript were enabled, an attacker could exploit this to
possibly run arbitrary code as the user running Thunderbird.
(CVE-2011-0069)

Ian Beer discovered a vulnerability in the memory handling of certain
types of documents. An attacker could exploit this to possibly run
arbitrary code as the user running Thunderbird. (CVE-2011-0070)

Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman
discovered several memory vulnerabilities. An attacker could exploit these
to possibly run arbitrary code as the user running Thunderbird.
(CVE-2011-0080)

Aki Helin discovered multiple vulnerabilities in the HTML rendering code.
An attacker could exploit these to possibly run arbitrary code as the user
running Thunderbird. (CVE-2011-0074, CVE-2011-0075)

Ian Beer discovered multiple overflow vulnerabilities. An attacker could
exploit these to possibly run arbitrary code as the user running
Thunderbird. (CVE-2011-0077, CVE-2011-0078)

Martin Barbella discovered a memory vulnerability in the handling of
certain DOM elements. An attacker could exploit this to possibly run
arbitrary code as the user running Thunderbird. (CVE-2011-0072)

It was discovered that there were use-after-free vulnerabilities in
Thunderbird's mChannel and mObserverList objects. An attacker could exploit
these to possibly run arbitrary code as the user running Thunderbird.
(CVE-2011-0065, CVE-2011-0066)

It was discovered that there was a vulnerability in the handling of the
nsTreeSelection element. An attacker sending a specially crafted E-Mail
could exploit this to possibly run arbitrary code as the user running
Thunderbird. (CVE-2011-0073)

Paul Stone discovered a vulnerability in the handling of Java applets. If
plugins were enabled, an attacker could use this to mimic interaction with
form autocomplete controls and steal entries from the form history.
(CVE-2011-0067)

Soroush Dalili discovered a vulnerability in the resource: protocol. This
could potentially allow an attacker to load arbitrary files that were
accessible to the user running Thunderbird. (CVE-2011-0071)

Chris Evans discovered a vulnerability in Thunderbird's XSLT generate-id()
function. An attacker could possibly use this vulnerability to make other
attacks more reliable. (CVE-2011-1202)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.10:
  thunderbird 3.1.10+build1+nobinonly-0ubuntu0.10.10.1

Ubuntu 10.04 LTS:
  thunderbird 3.1.10+build1+nobinonly-0ubuntu0.10.04.1

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References:
  CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0069,
  CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073,
  CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078,
  CVE-2011-0080, CVE-2011-0081, CVE-2011-1202

Package Information:
  https://launchpad.net/ubuntu/+source/thunderbird/3.1.10+build1+nobinonly-0ubuntu0.10.10.1
  https://launchpad.net/ubuntu/+source/thunderbird/3.1.10+build1+nobinonly-0ubuntu0.10.04.1