Ubuntu 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : thunderbird vulnerabilities (USN-2189-1)

Ubuntu Security Notice (C) 2014-2016 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij,
Jesse Ruderman, Nathan Froyd and Christian Holler discovered multiple
memory safety issues in Thunderbird. If a user were tricked in to
opening a specially crafted message with scripting enabled, an
attacker could potentially exploit these to cause a denial of service
via application crash, or execute arbitrary code with the privileges
of the user invoking Thunderbird. (CVE-2014-1518)

Abhishek Arya discovered an out of bounds read when decoding JPG
images. An attacker could potentially exploit this to cause a denial
of service via application crash. (CVE-2014-1523)

Abhishek Arya discovered a buffer overflow when a script uses a
non-XBL object as an XBL object. If a user had enabled scripting, an
attacker could potentially exploit this to execute arbitrary code with
the privileges of the user invoking Thunderbird. (CVE-2014-1524)

Mariusz Mlynski discovered that sites with notification permissions
can run script in a privileged context in some circumstances. If a
user had enabled scripting, an attacker could exploit this to execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2014-1529)

It was discovered that browser history navigations could be used to
load a site with the addressbar displaying the wrong address. If a
user had enabled scripting, an attacker could potentially exploit this
to conduct cross-site scripting or phishing attacks. (CVE-2014-1530)

A use-after-free was discovered when resizing images in some
circumstances. If a user had enabled scripting, an attacker could
potentially exploit this to cause a denial of service via application
crash or execute arbitrary code with the privileges of the user
invoking Thunderbird. (CVE-2014-1531)

Tyson Smith and Jesse Schwartzentruber discovered a use-after-free
during host resolution in some circumstances. An attacker could
potentially exploit this to cause a denial of service via application
crash or execute arbitrary code with the privileges of the user
invoking Thunderbird. (CVE-2014-1532).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected thunderbird package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 73803 ()

Bugtraq ID: 67123
67129
67130
67131
67134
67135
67137

CVE ID: CVE-2014-1518
CVE-2014-1523
CVE-2014-1524
CVE-2014-1529
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial