Home / mailings [USN-1401-2] Thunderbird vulnerabilities
Posted on 23 March 2012
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-1401-2
March 23, 2012
thunderbird vulnerabilities
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Thunderbird.
Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client
Details:
USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the
corresponding fixes for Thunderbird.
Original advisory details:
It was discovered that a flaw in the Mozilla SVG implementation could
result in an out-of-bounds memory access if SVG elements were removed
during a DOMAttrModified event handler. If the user were tricked into
opening a specially crafted page, an attacker could exploit this to caus=
e a
denial of service via application crash. (CVE-2011-3658)
=20
Atte Kettunen discovered a use-after-free vulnerability in the Gecko
Rendering Engine's handling of SVG animations. An attacker could
potentially exploit this to execute arbitrary code with the privileges o=
f
the user invoking the Xulrunner based application. (CVE-2012-0457)
=20
Atte Kettunen discovered an out of bounds read vulnerability in the Geck=
o
Rendering Engine's handling of SVG Filters. An attacker could potentiall=
y
exploit this to make data from the user's memory accessible to the page
content. (CVE-2012-0456)
=20
Soroush Dalili discovered that the Gecko Rendering Engine did not
adequately protect against dropping JavaScript links onto a frame. A rem=
ote
attacker could, through cross-site scripting (XSS), exploit this to modi=
fy
the contents of the frame or steal confidential data. (CVE-2012-0455)
=20
Mariusz Mlynski discovered that the Home button accepted JavaScript link=
s
to set the browser Home page. An attacker could use this vulnerability t=
o
get the script URL loaded in the privileged about:sessionrestore context=
=2E
(CVE-2012-0458)
=20
Bob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety=
issues affecting Firefox. If the user were tricked into opening a specia=
lly
crafted page, an attacker could exploit these to cause a denial of servi=
ce
via application crash, or potentially execute code with the privileges o=
f
the user invoking Firefox. (CVE-2012-0461, CVE-2012-0464)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.04:
thunderbird 3.1.20+build1+nobinonly-0ubuntu0.11.04.=
1
Ubuntu 10.10:
thunderbird 3.1.20+build1+nobinonly-0ubuntu0.10.10.=
1
Ubuntu 10.04 LTS:
thunderbird 3.1.20+build1+nobinonly-0ubuntu0.10.04.=
1
After a standard system update you need to restart Thunderbird to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1401-2
http://www.ubuntu.com/usn/usn-1401-1
CVE-2011-3658, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457,
CVE-2012-0458, CVE-2012-0461, CVE-2012-0464, https://launchpad.net/bugs=
/953720
Package Information:
https://launchpad.net/ubuntu/+source/thunderbird/3.1.20+build1+nobinonl=
y-0ubuntu0.11.04.1
https://launchpad.net/ubuntu/+source/thunderbird/3.1.20+build1+nobinonl=
y-0ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/thunderbird/3.1.20+build1+nobinonl=
y-0ubuntu0.10.04.1
------------
