Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:071)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Multiple vulnerabilities has been found and corrected in
mozilla-thunderbird :

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19
process e-mail attachments with a parser that performs casts and line
termination incorrectly, which allows remote attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via a crafted message, related to message indexing
(CVE-2009-0689).

Integer overflow in a base64 decoding function in Mozilla Firefox
before 3.0.12 and Thunderbird allows remote attackers to cause a
denial of service (memory corruption and application crash) or
possibly execute arbitrary code via unspecified vectors
(CVE-2009-2463).

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.14, and 3.5.x before 3.5.3, allow remote attackers
to cause a denial of service (memory corruption and application crash)
or possibly execute arbitrary code via unknown vectors
(CVE-2009-3072).

Multiple unspecified vulnerabilities in the JavaScript engine in
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote
attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via unknown
vectors (CVE-2009-3075).

Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not
properly manage pointers for the columns (aka TreeColumns) of a XUL
tree element, which allows remote attackers to execute arbitrary code
via a crafted HTML document, related to a dangling pointer
vulnerability. (CVE-2009-3077)

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey
before 2.0, does not properly handle a right-to-left override (aka RLO
or U+202E) Unicode character in a download filename, which allows
remote attackers to spoof file extensions via a crafted filename, as
demonstrated by displaying a non-executable extension for an
executable file (CVE-2009-3376).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to send authenticated requests
to arbitrary applications by replaying the NTLM credentials of a
browser user (CVE-2009-3983).

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19
process e-mail attachments with a parser that performs casts and line
termination incorrectly, which allows remote attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via a crafted message, related to message indexing
(CVE-2010-0163).

This update provides the latest version of Thunderbird which are not
vulnerable to these issues.

Packages for 2008.0 and 2009.0 are provided due to the Extended
Maintenance Program for those products.

Additionally, some packages which require so, have been rebuilt and
are being provided as updates.

See also :

http://www.nessus.org/u?280be806
http://www.nessus.org/u?56d85a04

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now