Ubuntu 11.10 : thunderbird vulnerabilities (USN-1343-1)

Ubuntu Security Notice (C) 2012-2014 Canonical, Inc. / NASL script (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian
Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse
Ruderman, Marcia Knous, and Rober Longson discovered several memory
safety issues which could possibly be exploited to crash Thunderbird
or execute arbitrary code as the user that invoked Thunderbird.
(CVE-2011-3660)

Aki Helin discovered a crash in the YARR regular expression library
that could be triggered by JavaScript in web content. (CVE-2011-3661)

It was discovered that a flaw in the Mozilla SVG implementation could
result in an out-of-bounds memory access if SVG elements were removed
during a DOMAttrModified event handler. An attacker could potentially
exploit this vulnerability to crash Thunderbird. (CVE-2011-3658)

Mario Heiderich discovered it was possible to use SVG animation
accessKey events to detect key strokes even when JavaScript was
disabled. A malicious web page could potentially exploit this to trick
a user into interacting with a prompt thinking it came from
Thunderbird in a context where the user believed scripting was
disabled. (CVE-2011-3663)

It was discovered that it was possible to crash Thunderbird when
scaling an OGG <video> element to extreme sizes. (CVE-2011-3665).

Solution :

Update the affected thunderbird package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 57686 ()

Bugtraq ID: 51133
51134
51135
51136
51138

CVE ID: CVE-2011-3658
CVE-2011-3660
CVE-2011-3661
CVE-2011-3663
CVE-2011-3665