Mozilla Thunderbird ESR Multiple Vulnerabilities-01 (Windows)

Summary
Mozilla Thunderbird ESR is installed on the host and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to conduct cross-site scripting attacks, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via unspecified vectors.
Impact Level: System/Application
Solution
Upgrade to Thunderbird ESR version 10.0.8 or later. For updates, see http://www.mozilla.org/en-US/thunderbird
Insight
The flaws are due to:
- Memory corruption issues.
- An error within Chrome Object Wrapper (COW) when handling the 'InstallTrigger' object, which can be exploited to access certain privileged functions and properties.
- A use-after-free in the IME State Manager code.
- A combination of invoking full screen mode and navigating backwards in history, which could, in some circumstances, cause a hang or crash due to a timing-dependent use-after-free pointer reference.
- Several methods of a feature used for testing (DOMWindowUtils) that are not protected by existing security checks, allowing these methods to be called through script by web pages.
- An error when the GetProperty function is invoked through JSAPI: security checking can be bypassed when getting cross-origin properties.
- An issue with spoofing of the location property.
- Use-after-free, buffer overflow, and out-of-bounds read issues.
- The location property can be accessed by binary plugins through top.location, and top can be shadowed by Object.defineProperty as well. This can allow for possible XSS attacks through plugins.
- Several memory safety bugs in the browser engine used in Mozilla products.
Affected
Thunderbird ESR versions 10.x before 10.0.8 on Windows