LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

April 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA April 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Critical: thunderbird security update on SL6.x i386/x86_64
From:	"Tyler L. Parsons" <[log in to unmask]>
Reply To:	Tyler L. Parsons
Date:	Fri, 29 Apr 2011 14:29:18 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (61 lines)

Synopsis: Critical: thunderbird security update
Issue date: 2011-04-28
CVE Names: CVE-2011-0070 CVE-2011-0071 CVE-2011-0073
                   CVE-2011-0074 CVE-2011-0075 CVE-2011-0077
                   CVE-2011-0078 CVE-2011-0080 CVE-2011-0081

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the processing of malformed HTML content. An
HTML mail message containing malicious content could possibly lead to
arbitrary code execution with the privileges of the user running
Thunderbird. (CVE-2011-0080, CVE-2011-0081)

An arbitrary memory write flaw was found in the way Thunderbird handled
out-of-memory conditions. If all memory was consumed when a user viewed a
malicious HTML mail message, it could possibly lead to arbitrary code
execution with the privileges of the user running Thunderbird.
(CVE-2011-0078)

An integer overflow flaw was found in the way Thunderbird handled the HTML
frameset tag. An HTML mail message with a frameset tag containing large
values for the "rows" and "cols" attributes could trigger this flaw,
possibly leading to arbitrary code execution with the privileges of the
user running Thunderbird. (CVE-2011-0077)

A flaw was found in the way Thunderbird handled the HTML iframe tag. An
HTML mail message with an iframe tag containing a specially-crafted source
address could trigger this flaw, possibly leading to arbitrary code
execution with the privileges of the user running Thunderbird.
(CVE-2011-0075)

A flaw was found in the way Thunderbird displayed multiple marquee
elements. A malformed HTML mail message could cause Thunderbird to execute
arbitrary code with the privileges of the user running Thunderbird.
(CVE-2011-0074)

A flaw was found in the way Thunderbird handled the nsTreeSelection
element. Malformed content could cause Thunderbird to execute arbitrary
code with the privileges of the user running Thunderbird. (CVE-2011-0073)

A directory traversal flaw was found in the Thunderbird resource://
protocol handler. Malicious content could cause Thunderbird to access
arbitrary files accessible to the user running Thunderbird. (CVE-2011-0071)

A double free flaw was found in the way Thunderbird handled
"application/http-index-format" documents. A malformed HTTP response could
cause Thunderbird to execute arbitrary code with the privileges of the user
running Thunderbird. (CVE-2011-0070)

All Thunderbird users should upgrade to this updated package, which
resolves these issues. All running instances of Thunderbird must be
restarted for the update to take effect.

SL 6.x
        i386:
thunderbird-3.1.10-1.el6_0.i686.rpm
        x86_64:
thunderbird-3.1.10-1.el6_0.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV