[gentoo-announce] [ GLSA 200507-17 ] Mozilla Thunderbird: Multiple vulnerabilities - gentoo-announce

From:	Thierry Carrez <koon@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200507-17 ] Mozilla Thunderbird: Multiple vulnerabilities
Date:	Mon, 18 Jul 2005 07:54:05
Message-Id:	`42DB5D10.7020400@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200507-17

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: Mozilla Thunderbird: Multiple vulnerabilities

9

      Date: July 18, 2005

10

      Bugs: #98855

11

        ID: 200507-17

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging

19

from execution of script code with elevated privileges to information

20

leak.

21

22

Background

23

==========

24

25

Mozilla Thunderbird is the next-generation mail client from the Mozilla

26

project.

27

28

Affected packages

29

=================

30

31

    -------------------------------------------------------------------

32

     Package                  /  Vulnerable  /              Unaffected

33

    -------------------------------------------------------------------

34

  1  mozilla-thunderbird           < 1.0.5                    >= 1.0.5

35

  2  mozilla-thunderbird-bin       < 1.0.5                    >= 1.0.5

36

    -------------------------------------------------------------------

37

     2 affected packages on all of their supported architectures.

38

    -------------------------------------------------------------------

39

40

Description

41

===========

42

43

The following vulnerabilities were found and fixed in Mozilla

44

Thunderbird:

45

46

* "moz_bug_r_a4" and "shutdown" discovered that Thunderbird was

47

  improperly cloning base objects (MFSA 2005-56).

48

49

* "moz_bug_r_a4" also reported that Thunderbird was overly trusting

50

  contents, allowing privilege escalation via property overrides (MFSA

51

  2005-41, 2005-44), that it failed to validate XHTML DOM nodes

52

  properly (MFSA 2005-55), and that XBL scripts ran even when

53

  Javascript is disabled (MFSA 2005-46).

54

55

* "shutdown" discovered a possibly exploitable crash in

56

  InstallVersion.compareTo (MFSA 2005-50).

57

58

* Andreas Sandblad from Secunia reported that a child frame can call

59

  top.focus() even if the framing page comes from a different origin

60

  and has overridden the focus() routine (MFSA 2005-52).

61

62

* Georgi Guninski reported missing Install object instance checks in

63

  the native implementations of XPInstall-related JavaScript objects

64

  (MFSA 2005-40).

65

66

* Finally, Vladimir V. Perepelitsa discovered a memory disclosure bug

67

  in JavaScript's regular expression string replacement when using an

68

  anonymous function as the replacement argument (CAN-2005-0989 and

69

  MFSA 2005-33).

70

71

Impact

72

======

73

74

A remote attacker could craft malicious email messages that would

75

leverage these issues to inject and execute arbitrary script code with

76

elevated privileges or help in stealing information.

77

78

Workaround

79

==========

80

81

There are no known workarounds for all the issues at this time.

82

83

Resolution

84

==========

85

86

All Mozilla Thunderbird users should upgrade to the latest version:

87

88

    # emerge --sync

89

    # emerge --ask --oneshot --verbose

90

">=mail-client/mozilla-thunderbird-1.0.5"

91

92

All Mozilla Thunderbird binary users should upgrade to the latest

93

version:

94

95

    # emerge --sync

96

    # emerge --ask --oneshot --verbose

97

">=mail-client/mozilla-thunderbird-bin-1.0.5"

98

99

References

100

==========

101

102

  [ 1 ] Mozilla Foundation Security Advisories

103

104

http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird

105

  [ 2 ] CAN-2005-0989

106

        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0989

107

108

Availability

109

============

110

111

This GLSA and any updates to it are available for viewing at

112

the Gentoo Security Website:

113

114

  http://security.gentoo.org/glsa/glsa-200507-17.xml

115

116

Concerns?

117

=========

118

119

Security is a primary focus of Gentoo Linux and ensuring the

120

confidentiality and security of our users machines is of utmost

121

importance to us. Any security concerns should be addressed to

122

security@g.o or alternatively, you may file a bug at

123

http://bugs.gentoo.org.

124

125

License

126

=======

127

128

Copyright 2005 Gentoo Foundation, Inc; referenced text

129

belongs to its owner(s).

130

131

The contents of this document are licensed under the

132

Creative Commons - Attribution / Share Alike license.

133

134

http://creativecommons.org/licenses/by-sa/2.0

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200507-17
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Mozilla Thunderbird: Multiple vulnerabilities
9	Date: July 18, 2005
10	Bugs: #98855
11	ID: 200507-17
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	Several vulnerabilities in Mozilla Thunderbird allow attacks ranging
19	from execution of script code with elevated privileges to information
20	leak.
21
22	Background
23	==========
24
25	Mozilla Thunderbird is the next-generation mail client from the Mozilla
26	project.
27
28	Affected packages
29	=================
30
31	-------------------------------------------------------------------
32	Package / Vulnerable / Unaffected
33	-------------------------------------------------------------------
34	1 mozilla-thunderbird < 1.0.5 >= 1.0.5
35	2 mozilla-thunderbird-bin < 1.0.5 >= 1.0.5
36	-------------------------------------------------------------------
37	2 affected packages on all of their supported architectures.
38	-------------------------------------------------------------------
39
40	Description
41	===========
42
43	The following vulnerabilities were found and fixed in Mozilla
44	Thunderbird:
45
46	* "moz_bug_r_a4" and "shutdown" discovered that Thunderbird was
47	improperly cloning base objects (MFSA 2005-56).
48
49	* "moz_bug_r_a4" also reported that Thunderbird was overly trusting
50	contents, allowing privilege escalation via property overrides (MFSA
51	2005-41, 2005-44), that it failed to validate XHTML DOM nodes
52	properly (MFSA 2005-55), and that XBL scripts ran even when
53	Javascript is disabled (MFSA 2005-46).
54
55	* "shutdown" discovered a possibly exploitable crash in
56	InstallVersion.compareTo (MFSA 2005-50).
57
58	* Andreas Sandblad from Secunia reported that a child frame can call
59	top.focus() even if the framing page comes from a different origin
60	and has overridden the focus() routine (MFSA 2005-52).
61
62	* Georgi Guninski reported missing Install object instance checks in
63	the native implementations of XPInstall-related JavaScript objects
64	(MFSA 2005-40).
65
66	* Finally, Vladimir V. Perepelitsa discovered a memory disclosure bug
67	in JavaScript's regular expression string replacement when using an
68	anonymous function as the replacement argument (CAN-2005-0989 and
69	MFSA 2005-33).
70
71	Impact
72	======
73
74	A remote attacker could craft malicious email messages that would
75	leverage these issues to inject and execute arbitrary script code with
76	elevated privileges or help in stealing information.
77
78	Workaround
79	==========
80
81	There are no known workarounds for all the issues at this time.
82
83	Resolution
84	==========
85
86	All Mozilla Thunderbird users should upgrade to the latest version:
87
88	# emerge --sync
89	# emerge --ask --oneshot --verbose
90	">=mail-client/mozilla-thunderbird-1.0.5"
91
92	All Mozilla Thunderbird binary users should upgrade to the latest
93	version:
94
95	# emerge --sync
96	# emerge --ask --oneshot --verbose
97	">=mail-client/mozilla-thunderbird-bin-1.0.5"
98
99	References
100	==========
101
102	[ 1 ] Mozilla Foundation Security Advisories
103
104	http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird
105	[ 2 ] CAN-2005-0989
106	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0989
107
108	Availability
109	============
110
111	This GLSA and any updates to it are available for viewing at
112	the Gentoo Security Website:
113
114	http://security.gentoo.org/glsa/glsa-200507-17.xml
115
116	Concerns?
117	=========
118
119	Security is a primary focus of Gentoo Linux and ensuring the
120	confidentiality and security of our users machines is of utmost
121	importance to us. Any security concerns should be addressed to
122	security@g.o or alternatively, you may file a bug at
123	http://bugs.gentoo.org.
124
125	License
126	=======
127
128	Copyright 2005 Gentoo Foundation, Inc; referenced text
129	belongs to its owner(s).
130
131	The contents of this document are licensed under the
132	Creative Commons - Attribution / Share Alike license.
133
134	http://creativecommons.org/licenses/by-sa/2.0