Ubuntu 12.04 LTS / 14.04 LTS : thunderbird vulnerabilities (USN-2373-1)

Ubuntu Security Notice (C) 2014-2016 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon
Coppeard discovered multiple memory safety issues in Thunderbird. If a
user were tricked in to opening a specially crafted message with
scripting enabled, an attacker could potentially exploit these to
cause a denial of service via application crash, or execute arbitrary
code with the privileges of the user invoking Thunderbird.
(CVE-2014-1574)

Atte Kettunen discovered a buffer overflow during CSS manipulation. If
a user were tricked in to opening a specially crafted message, an
attacker could potentially exploit this to cause a denial of service
via application crash or execute arbitrary code with the privileges of
the user invoking Thunderbird. (CVE-2014-1576)

Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If
a user were tricked in to opening a specially crafted message with
scripting enabled, an attacker could potentially exploit this to steal
sensitive information. (CVE-2014-1577)

Abhishek Arya discovered an out-of-bounds write when buffering WebM
video in some circumstances. If a user were tricked in to opening a
specially crafted message with scripting enabled, an attacker could
potentially exploit this to cause a denial of service via application
crash or execute arbitrary code with the privileges of the user
invoking Thunderbird. (CVE-2014-1578)

A use-after-free was discovered during text layout in some
circumstances. If a user were tricked in to opening a specially
crafted message with scripting enabled, an attacker could potentially
exploit this to cause a denial of service via application crash or
execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2014-1581)

Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video
sharing via WebRTC in iframes, where video continues to be shared
after being stopped and navigating to a new site doesn't turn off the
camera. An attacker could potentially exploit this to access the
camera without the user being aware. (CVE-2014-1585, CVE-2014-1586).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected thunderbird package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 78504 ()

Bugtraq ID: 70424
70426
70428
70430
70436
70440

CVE ID: CVE-2014-1574
CVE-2014-1576
CVE-2014-1577
CVE-2014-1578
CVE-2014-1581
CVE-2014-1585
CVE-2014-1586

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now