Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1020-1
Solution
Please Install the Updated Packages.
Insight
Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash THunderbird or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)
Marc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. (CVE-2010-3768)
Affected
Thunderbird vulnerabilities on Ubuntu 10.04 LTS ,
Ubuntu 10.10
Severity
Classification
-
CVE CVE-2010-3768, CVE-2010-3776, CVE-2010-3777, CVE-2010-3778 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities