SecurityTracker.com
SecurityTracker Archives

Category:   Application (E-mail Client)  >   Mozilla Thunderbird Vendors:   Mozilla.org
Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code, Bypass Same-Domain Controls, and Spoof URLs
SecurityTracker Alert ID:  1024229
SecurityTracker URL:  http://securitytracker.com/id/1024229
CVE Reference:   CVE-2010-0654, CVE-2010-1205, CVE-2010-1207, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-1215, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754   (Links to External Site)
Updated:  Jul 21 2010
Original Entry Date:  Jul 21 2010
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 3.0.6, 3.1.1
Description:   Multiple vulnerabilities were reported in Mozilla Thunderbird. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can bypass same-site domain controls. A remote user can spoof URLs in the address bar.

A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system [CVE-2010-1211, CVE-2010-1212, CVE-2010-2752, CVE-2010-2753]. The code will run with the privileges of the target user. Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary Kwong, Tobias Markus, Daniel Holbert, David Anderson, Johnny Stenback, regenrecht via TippingPoint's Zero Day Initiative, J23 via TippingPoint's Zero Day Initiative, moz_bug_r_a4, and OUSPG researcher Aki Helin reported these vulnerabilities.

A remote user can exploit the Web Worker method importScripts to read and parse resources from other domains [CVE-2010-1213]. Yosuke Hasegawa reported this vulnerability.

A remote user can exploit a canvas element to read data from another site [CVE-2010-1207]. Mozilla developer Vladimir Vukicevic reported this vulnerability.

A remote user can use specially crafted 8-bit character encodings to cause certain characters to not be displayed [CVE-2010-1210]. This can be exploited to conduct cross-site scripting and other attacks. O. Andersen reported this vulnerability.

A remote user that can inject bogus CSS selectors into a target site and then retrieve the data using JavaScript APIs can obtain data from a different domain [CVE-2010-0654]. Google security researcher Chris Evans reported this vulnerability.

A remote user can trigger script errors where the script filename and line number are included in the error message to obtain potentially sensitive URL parameters from other domains [CVE-2010-2754]. Soroush Dalili reported this vulnerability.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can bypass same-site domain controls.

A remote user can spoof URLs in the address bar.

Solution:   The vendor has issued a fix (3.0.6, 3.1.1).
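The affected range above is stated per maintenance branch (anything before 3.0.6 on the 3.0 branch, anything before 3.1.1 on the 3.1 branch), which is the kind of rule an inventory or patch-compliance script has to encode. The following is an added example, not code from SecurityTracker or Mozilla: it turns the advisory's two fixed versions into a check that classifies an installed Thunderbird version string. The branch-to-fix table is taken from the advisory; the function names, the handling of pre-3.0 and post-3.1 branches, and the sample version strings are assumptions made for the example.

```python
# Added example (not part of the SecurityTracker advisory or Mozilla's code):
# classify a Thunderbird version string against the fixed releases 3.0.6 and
# 3.1.1 named in the advisory. Only the FIXED_BY_BRANCH table comes from the
# advisory; everything else here is an assumption for illustration.

from typing import Dict, Optional, Tuple

# Fixed release per maintenance branch, as stated in the advisory.
FIXED_BY_BRANCH: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (3, 0): (3, 0, 6),
    (3, 1): (3, 1, 1),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '3.0.5' or '3.1' into a tuple of ints.

    Trailing non-digit tags on a component (e.g. '6b1') are dropped, so a
    beta of a fixed release compares equal to the fixed release; treat such
    prerelease builds separately if that matters in your environment.
    """
    parts = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            raise ValueError(f"unparseable version component {piece!r} in {text!r}")
        parts.append(int(digits))
    return tuple(parts)


def is_affected(version_text: str) -> Optional[bool]:
    """Return True if the version predates the fix on its branch, else False.

    Branches older than 3.0 (e.g. 2.0.x) are earlier than every fixed release
    the advisory lists and are reported as affected. Branches newer than 3.1
    postdate both fixes and are reported as not affected by this advisory;
    adjust that policy if you track later advisories separately.
    """
    v = parse_version(version_text)
    # Pad short strings such as '3.1' to three components so comparisons
    # against the fixed releases are well defined.
    padded = v + (0,) * max(0, 3 - len(v))
    branch = padded[:2]
    if branch in FIXED_BY_BRANCH:
        return padded < FIXED_BY_BRANCH[branch]
    if branch < (3, 0):
        return True
    return False


def classify(versions):
    """Map each version string to its affected/not-affected verdict."""
    return {ver: is_affected(ver) for ver in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not data from the advisory.
    sample = ["2.0.0.24", "3.0.5", "3.0.6", "3.1", "3.1.1", "3.2"]
    for ver, verdict in classify(sample).items():
        print(f"{ver:10s} affected={verdict}")
```

Running the block prints one line per sample version; in a real deployment the version strings would come from the installed package metadata or the application's own version file rather than the constructed list above.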

The vendor's advisories are available at:

http://www.mozilla.org/security/announce/2010/mfsa2010-34.html
http://www.mozilla.org/security/announce/2010/mfsa2010-38.html
http://www.mozilla.org/security/announce/2010/mfsa2010-39.html
http://www.mozilla.org/security/announce/2010/mfsa2010-40.html
http://www.mozilla.org/security/announce/2010/mfsa2010-41.html
http://www.mozilla.org/security/announce/2010/mfsa2010-42.html
http://www.mozilla.org/security/announce/2010/mfsa2010-43.html
http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
http://www.mozilla.org/security/announce/2010/mfsa2010-46.html
http://www.mozilla.org/security/announce/2010/mfsa2010-47.html

Vendor URL:  www.mozilla.org/security/announce/2010/mfsa2010-34.html (Links to External Site)
Cause:   Access control error, Boundary error, Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 21 2010 (Red Hat Issues Fix) Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code, Bypass Same-Domain Controls, and Spoof URLs
Red Hat has issued a fix for CVE-2010-1211, CVE-2010-2753, and CVE-2010-2754 for Red Hat Enterprise Linux 4.
Jul 21 2010 (Red Hat Issues Fix) Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code, Bypass Same-Domain Controls, and Spoof URLs
Red Hat has issued a fix for CVE-2010-1205, CVE-2010-1211, CVE-2010-2753, and CVE-2010-2754 for Red Hat Enterprise Linux 5.

Source Message Contents

[Original Message Not Available for Viewing]
Copyright 2019, SecurityGlobal.net LLC