Rapid7 Vulnerability & Exploit Database

RHSA-2010:0545: thunderbird security update

Back to Search

RHSA-2010:0545: thunderbird security update

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
04/05/2010
Created
07/25/2018
Added
07/28/2010
Modified
07/04/2017

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.A memory corruption flaw was found in the way Thunderbird decoded certainPNG images. An attacker could create a mail message containing aspecially-crafted PNG image that, when opened, could cause Thunderbird tocrash or, potentially, execute arbitrary code with the privileges of theuser running Thunderbird. (CVE-2010-1205)Several flaws were found in the processing of malformed HTML mail content.An HTML mail message containing malicious content could cause Thunderbirdto crash or, potentially, execute arbitrary code with the privileges of theuser running Thunderbird. (CVE-2010-0174, CVE-2010-1200, CVE-2010-1211,CVE-2010-1214, CVE-2010-2753)An integer overflow flaw was found in the processing of malformed HTML mailcontent. An HTML mail message containing malicious content could causeThunderbird to crash or, potentially, execute arbitrary code with theprivileges of the user running Thunderbird. (CVE-2010-1199)Several use-after-free flaws were found in Thunderbird. Viewing an HTMLmail message containing malicious content could result in Thunderbirdexecuting arbitrary code with the privileges of the user runningThunderbird. (CVE-2010-0175, CVE-2010-0176, CVE-2010-0177)A flaw was found in the way Thunderbird plug-ins interact. It was possiblefor a plug-in to reference the freed memory from a different plug-in,resulting in the execution of arbitrary code with the privileges of theuser running Thunderbird. (CVE-2010-1198)A flaw was found in the way Thunderbird handled the "Content-Disposition:attachment" HTTP header when the "Content-Type: multipart" HTTP header wasalso present. Loading remote HTTP content that allows arbitrary uploads andrelies on the "Content-Disposition: attachment" HTTP header to preventcontent from being displayed inline, could be used by an attacker to servemalicious content to users. (CVE-2010-1197)A same-origin policy bypass flaw was found in Thunderbird. Remote HTMLcontent could steal private data from different remote HTML contentThunderbird has loaded. (CVE-2010-2754)All Thunderbird users should upgrade to this updated package, whichresolves these issues. All running instances of Thunderbird must berestarted for the update to take effect.

Solution(s)

  • redhat-upgrade-thunderbird

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;