MDKSA-2005:174 - Updated mozilla-thunderbird packages fix multiple vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MDKSA-2005:174 - Updated mozilla-thunderbird packages fix multiple vulnerabilities
From: Mandriva Security Team <security@xxxxxxxxxxxx>
Date: Thu, 06 Oct 2005 21:06:00 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Sender: QATeam User <qateam@xxxxxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           mozilla-thunderbird
 Advisory ID:            MDKSA-2005:174
 Date:                   October 6th, 2005

 Affected versions:      10.2, 2006.0
 ______________________________________________________________________

 Problem Description:

 Updated Mozilla Thunderbird packages fix various vulnerabilities:
 
 The run-mozilla.sh script, with debugging enabled, would allow local
 users to create or overwrite arbitrary files via a symlink attack on
 temporary files (CAN-2005-2353).
 
 A bug in the way Thunderbird processes XBM images could be used to
 execute arbitrary code via a specially crafted XBM image file
 (CAN-2005-2701).
 
 A bug in the way Thunderbird handles certain Unicode sequences could be
 used to execute arbitrary code via viewing a specially crafted Unicode
 sequence (CAN-2005-2702).
 
 A bug in the way Thunderbird makes XMLHttp requests could be abused by
 a malicious web page to exploit other proxy or server flaws from the
 victim's machine; however, the default behaviour of the browser is to
 disallow this (CAN-2005-2703).
 
 A bug in the way Thunderbird implemented its XBL interface could be
 abused by a malicious web page to create an XBL binding in such a way
 as to allow arbitrary JavaScript execution with chrome permissions
 (CAN-2005-2704).
 
 An integer overflow in Thunderbird's JavaScript engine could be
 manipulated in certain conditions to allow a malicious web page to
 execute arbitrary code (CAN-2005-2705).
 
 A bug in the way Thunderbird displays about: pages could be used to
 execute JavaScript with chrome privileges (CAN-2005-2706).
 
 A bug in the way Thunderbird opens new windows could be used by a
 malicious web page to construct a new window without any user interface
 elements (such as address bar and status bar) that could be used to
 potentially mislead the user (CAN-2005-2707).
 
 A bug in the way Thunderbird proceesed URLs on the command line could
 be used to execute arbitary commands as the user running Thunderbird;
 this could be abused by clicking on a supplied link, such as from an
 instant messaging client (CAN-2005-2968).
 
 Tom Ferris reported that Thunderbird would crash when processing a
 domain name consisting solely of soft-hyphen characters due to a heap
 overflow when IDN processing results in an empty string after removing
 non-wrapping chracters, such as soft-hyphens.  This could be exploited
 to run or or install malware on the user's computer (CAN-2005-2871).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2701
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2703
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2704
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2706
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2707
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2968
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2871
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2353
  http://www.mozilla.org/security/announce/mfsa2005-59.html
  http://www.mozilla.org/security/announce/mfsa2005-58.html
  http://www.mozilla.org/security/announce/mfsa2005-57.html
 ______________________________________________________________________

 Updated Packages:
  
 Mandrivalinux 10.2:
 f409c24fe8d4f732a99fff51f9223191  
10.2/RPMS/mozilla-thunderbird-1.0.2-5.1.102mdk.i586.rpm
 18250e4ac4d580a595eaeb16fd3b0171  
10.2/RPMS/mozilla-thunderbird-devel-1.0.2-5.1.102mdk.i586.rpm
 cbfb90b65746b4fbc0848ddbd01395bf  
10.2/RPMS/mozilla-thunderbird-enigmail-1.0.2-5.1.102mdk.i586.rpm
 aa450bd7d1b82425eeef6506f90f5fb4  
10.2/RPMS/mozilla-thunderbird-enigmime-1.0.2-5.1.102mdk.i586.rpm
 5320178037176424f209415c3862d014  
10.2/SRPMS/mozilla-thunderbird-1.0.2-5.1.102mdk.src.rpm

 Mandrivalinux 10.2/X86_64:
 07fa1df593b92831b9f6d1a32b0b3362  
x86_64/10.2/RPMS/mozilla-thunderbird-1.0.2-5.1.102mdk.x86_64.rpm
 ca26795c32146dd1ace798189588029f  
x86_64/10.2/RPMS/mozilla-thunderbird-devel-1.0.2-5.1.102mdk.x86_64.rpm
 7757608ffe4e89d285bc001bdc8851cb  
x86_64/10.2/RPMS/mozilla-thunderbird-enigmail-1.0.2-5.1.102mdk.x86_64.rpm
 8c386f18a449d78d3917dca387624933  
x86_64/10.2/RPMS/mozilla-thunderbird-enigmime-1.0.2-5.1.102mdk.x86_64.rpm
 5320178037176424f209415c3862d014  
x86_64/10.2/SRPMS/mozilla-thunderbird-1.0.2-5.1.102mdk.src.rpm

 Mandrivalinux 2006.0:
 af3330f345b3b92307550a57fb7efa80  
2006.0/RPMS/mozilla-thunderbird-1.0.6-7.1.20060mdk.i586.rpm
 9ad77bad0b6c6033e063ed21a8a2cb0b  
2006.0/RPMS/mozilla-thunderbird-enigmail-1.0.6-7.1.20060mdk.i586.rpm
 141909e4e4676c0c8a5525a3e3eb921d  
2006.0/RPMS/mozilla-thunderbird-enigmime-1.0.6-7.1.20060mdk.i586.rpm
 b1db5880eb9ac8792a2f25e547343607  
2006.0/SRPMS/mozilla-thunderbird-1.0.6-7.1.20060mdk.src.rpm

 Mandrivalinux 2006.0/X86_64:
 b7e7527e98969ff677e2caf013a84ab7  
x86_64/2006.0/RPMS/mozilla-thunderbird-1.0.6-7.1.20060mdk.x86_64.rpm
 87ca5eace6c6823cda7efac54ffe5945  
x86_64/2006.0/RPMS/mozilla-thunderbird-enigmail-1.0.6-7.1.20060mdk.x86_64.rpm
 8305e439803991791ca1aff020877274  
x86_64/2006.0/RPMS/mozilla-thunderbird-enigmime-1.0.6-7.1.20060mdk.x86_64.rpm
 b1db5880eb9ac8792a2f25e547343607  
x86_64/2006.0/SRPMS/mozilla-thunderbird-1.0.6-7.1.20060mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDReYYmqjQ0CJFipgRAsG2AKDxrB+hRoWVefE3oWKpF24qKNxSFQCg3VPa
tPD5MxLMdKTSnycrbjE3h4A=
=1IuT
-----END PGP SIGNATURE-----

Prev by Date: MDKSA-2005:173 - Updated mozilla-firefox packages fix vulnerabilities
Next by Date: MDKSA-2005:175 - Updated texinfo packages fix temporary file vulnerability
Previous by thread: MDKSA-2005:173 - Updated mozilla-firefox packages fix vulnerabilities
Next by thread: MDKSA-2005:175 - Updated texinfo packages fix temporary file vulnerability
Index(es):
- Date
- Thread