[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1280163347.2604.1.camel@mdlinux.technorage.com>
Date: Mon, 26 Jul 2010 12:55:47 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [USN-958-1] Thunderbird vulnerabilities
===========================================================
Ubuntu Security Notice USN-958-1 July 26, 2010
thunderbird vulnerabilities
CVE-2010-0654, CVE-2010-1205, CVE-2010-1211, CVE-2010-1212,
CVE-2010-1213, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.04 LTS:
thunderbird 3.0.6+build2+nobinonly-0ubuntu0.10.04.1
After a standard system update you need to restart Thunderbird to make
all the necessary changes.
Details follow:
Several flaws were discovered in the browser engine of Thunderbird. If a
user were tricked into viewing malicious content, a remote attacker could
use this to crash Thunderbird or possibly run arbitrary code as the user
invoking the program. (CVE-2010-1211, CVE-2010-1212)
An integer overflow was discovered in how Thunderbird processed CSS values.
An attacker could exploit this to crash Thunderbird or possibly run
arbitrary code as the user invoking the program. (CVE-2010-2752)
An integer overflow was discovered in how Thunderbird interpreted the XUL
element. If a user were tricked into viewing malicious content, a remote
attacker could use this to crash Thunderbird or possibly run arbitrary code
as the user invoking the program. (CVE-2010-2753)
Aki Helin discovered that libpng did not properly handle certain malformed
PNG images. If a user were tricked into opening a crafted PNG file, an
attacker could cause a denial of service or possibly execute arbitrary code
with the privileges of the user invoking the program. (CVE-2010-1205)
Yosuke Hasegawa discovered that the same-origin check in Thunderbird could
be bypassed by utilizing the importScripts Web Worker method. If a user
were tricked into viewing malicious content, an attacker could exploit this
to read data from other domains. (CVE-2010-1213)
Chris Evans discovered that Thunderbird did not properly process improper
CSS selectors. If a user were tricked into viewing malicious content, an
attacker could exploit this to read data from other domains.
(CVE-2010-0654)
Soroush Dalili discovered that Thunderbird did not properly handle script
error output. An attacker could use this to access URL parameters from
other domains. (CVE-2010-2754)
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1.diff.gz
Size/MD5: 92850 bc785c0348418206d4c8588ebaac0132
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1.dsc
Size/MD5: 2412 a28a4d277235e3b6331a53471c467213
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly.orig.tar.gz
Size/MD5: 61048660 055766c535ba92126b033128d6540dd4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb
Size/MD5: 64137096 67d94866d04e19b71ad34521e78377cd
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb
Size/MD5: 5245646 e2eb4667407a5db752c62ad5a9f9df91
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb
Size/MD5: 148998 4eb30277c88a46b9f65bf80d9ca984bd
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb
Size/MD5: 9296 4ed1c5b7788eb65fbccb960617217f44
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb
Size/MD5: 11386116 cabfab2567a14b23bc0a46351ff4dbb7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb
Size/MD5: 64479186 0e6a1a89d7591d3d143cf12c12680ac6
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb
Size/MD5: 5311316 870ff89004da182aac32cac5d38027e4
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb
Size/MD5: 148154 6541fcf1d83a42fb02926a81f0a50858
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb
Size/MD5: 9292 000175067546013dc9ed8b2dcc12072e
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb
Size/MD5: 10413876 9881b8ec4cd24233f1d7904997f04188
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb
Size/MD5: 67105712 cfac784d5b5369f85ee450bb6b8aa06d
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb
Size/MD5: 5238112 1666f03c78dffbbfdfe27697b6c1a983
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb
Size/MD5: 153330 2b28241ad770ced2dc0deb4d04e91f62
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb
Size/MD5: 9296 9caeeb0a6fd9694c0a2c26cfd7c007d9
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb
Size/MD5: 11266520 cc5caab3d5bb3dedbfd08f0cdbbe1cc3
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb
Size/MD5: 63651728 ecce696ddbd92be7a0e3d285317b3ab2
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb
Size/MD5: 5219274 f791be2a355ccb057e3526d56b3952d7
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb
Size/MD5: 144264 7ad54644130634dd28eec04fe01a2322
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb
Size/MD5: 9298 e69ad6c66d4a5907d7fb61aa1a12a0f3
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb
Size/MD5: 10521756 8247952d2eff647da997dd86595e869f
Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists