Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-668-1)

Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the
same-origin check in Thunderbird could be bypassed. If a user were
tricked into opening a malicious website, an attacker could obtain
private information from data stored in the images, or discover
information about software on the user's computer. (CVE-2008-5012)

Jesse Ruderman discovered that Thunderbird did not properly guard
locks on non-native objects. If a user had JavaScript enabled and were
tricked into opening malicious web content, an attacker could cause a
browser crash and possibly execute arbitrary code with user
privileges. (CVE-2008-5014)

Several problems were discovered in the browser, layout and JavaScript
engines. If a user had JavaScript enabled, these problems could allow
an attacker to crash Thunderbird and possibly execute arbitrary code
with user privileges. (CVE-2008-5016, CVE-2008-5017, CVE-2008-5018)

A flaw was discovered in Thunderbird's DOM constructing code. If a
user were tricked into opening a malicious website while having
JavaScript enabled, an attacker could cause the browser to crash and
potentially execute arbitrary code with user privileges.
(CVE-2008-5021)

It was discovered that the same-origin check in Thunderbird could be
bypassed. If a user had JavaScript enabled and were tricked into
opening malicious web content, an attacker could execute JavaScript in
the context of a different website. (CVE-2008-5022)

Chris Evans discovered that Thunderbird did not properly parse E4X
documents, leading to quote characters in the namespace not being
properly escaped. (CVE-2008-5024)

Boris Zbarsky discovered that Thunderbird did not properly process
comments in forwarded in-line messages. If a user had JavaScript
enabled and opened a malicious email, an attacker may be able to
obtain information about the recipient.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 37649 ()

Bugtraq ID: 32281

CVE ID: CVE-2008-5012
CVE-2008-5014
CVE-2008-5016
CVE-2008-5017
CVE-2008-5018
CVE-2008-5021
CVE-2008-5022
CVE-2008-5024

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial