SecurityTracker.com
SecurityTracker Archives

Category:   Application (E-mail Client)  >   Mozilla Thunderbird Vendors:   Mozilla.org
(CentOS Issues Fix for Mozilla Thunderbird) Mozilla Firefox Multiple Bugs Let Remote Users Spoof URLs, Bypass Cross-Domain Security Restrictions, Obtain Potentially Sensitive Information, and Execute Arbitrary Code
SecurityTracker Alert ID:  1040321
SecurityTracker URL:  http://securitytracker.com/id/1040321
CVE Reference:   CVE-2018-5089, CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117   (Links to External Site)
Date:  Feb 3 2018
Impact:   Execution of arbitrary code via network, Modification of system information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Mozilla Firefox. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can bypass security controls on the target system. A remote user can spoof URLs. Mozilla Thunderbird is affected.

A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A use-after-free memory error may occur during WebRTC connections when interacting with the DTMF timers [CVE-2018-5091].

A use-after-free memory error may occur in a Web Worker [CVE-2018-5092].

A heap buffer overflow may occur in WebAssembly [CVE-2018-5093, CVE-2018-5094].

An integer overflow vulnerability may occur in the Skia library [CVE-2018-5095].

A use-after-free memory error may occur during XSL transformations [CVE-2018-5097].

A use-after-free memory error may occur when manipulating form input elements [CVE-2018-5098].

A use-after-free memory error may occur in the widget listener [CVE-2018-5099].

A use-after-free memory error may occur when IsPotentiallyScrollable arguments are freed from memory [CVE-2018-5100].

A use-after-free memory error may occur when manipulating floating first-letter style elements [CVE-2018-5101].

A use-after-free memory error may occur when manipulating HTML media elements with media streams [CVE-2018-5102].

A use-after-free memory error may occur during mouse event handling [CVE-2018-5103].

A use-after-free memory error may occur during font face manipulation [CVE-2018-5104].

An integer overflow may occur in the DoCrypt function of WebCrypto [CVE-2018-5122].

Other memory corruption errors may occur [CVE-2018-5089, CVE-2018-5090].

A remote user can cause WebExtensions to bypass user prompts to save and then open an arbitrarily downloaded file [CVE-2018-5105].

A remote user can bypass cross-origin restrictions via Developer Tools [CVE-2018-5106].

A user can bypass local access protections via symbolic links (symlinks) in the printing process [CVE-2018-5107].

A manually entered blob URL can be accessed by subsequent private browsing tabs [CVE-2018-5108].

A remote user can cause an audio capture session prompt to display the wrong origin [CVE-2018-5109].

A remote user can cause the cursor to become invisible [CVE-2018-5110]. OS X is affected.

A remote user can spoof address bar URLs via a drag and drop operation [CVE-2018-5111].

A remote user can cause Development Tools to load a non-relative URL [CVE-2018-5112].

A remote user can cause WebExtensions to load non-HTTPS pages [CVE-2018-5113].

A remote user can bypass HttpOnly cookie access in certain cases [CVE-2018-5114].

A remote user can cause a background network request to open an HTTP authentication over the foreground page [CVE-2018-5115].

A remote user can bypass cross-origin restrictions via WebExtensions with the ActiveTab permission [CVE-2018-5116].

A remote user can use right-to-left text in the address bar with left-to-right alignment to spoof URLs [CVE-2018-5117].

A remote user can create a specially crafted Activity Stream page to create local files and potentially bypass sandbox restrictions [CVE-2018-5118].

A remote user can bypass cross-origin content restrictions in Reader view [CVE-2018-5119].

A remote user may be able to cause Tibetan characters to render incompletely in the address bar on OS X and thereby spoof domain names [CVE-2018-5121].

Abdulrahman Alqabandi, Alex Gaynor, Andrea Marchesini, Andreas Pehrson, Anonymous, Bob Clary, Calixte Denizet, Casper of Tencent's Xuanwu Lab, Christian Holler, Emilio Cobos Alvarez, Inkognito, JW Wang, Jason Kratzer, Jason Orendorff, Jerry Decime, Jesse Ruderman, Jun Kokatsu, Karl Tomlinson, Khalil Zhani, Looben Yang, Ludovic Hirlimann, Marcia Knous, Mario Gomes, Mike Taylor, Nathan Froyd, Nils, Nils Ohlmeier, OSS-Fuzz, Oriol Brufau, Paul Adenot, Paul Theriault, Philipp, Randell Jesup, Rob Wu, Ron Warholic, Ronald Crane, Ronen Zilberman, Ryan VanderMeulen, Sebastian Hengst, Stephen Fewer, Ted Campbell, Tristan Bourvon, Tyson Smith, Xidorn Quan, Yoshi Huang, and xisigr of Tencent's Xuanwu Lab reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can bypass security controls on the target system.

A remote user can spoof a URL.

Solution:   CentOS has issued a fix for CVE-2018-5089, CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, and CVE-2018-5117 for Mozilla Thunderbird.

CentOS 6 (updated files, listed as "sha256sum Filename"):

i386:
4c5faa32a2ce2a7945e7e58a31c90a29f5c8bbc1522299ca8074ff0b179fe244 thunderbird-52.6.0-1.el6.centos.i686.rpm

x86_64:
4f97f078cdf9f020ebc5cad99100a54f18bb74b23673f8226fb77763320cebc8 thunderbird-52.6.0-1.el6.centos.x86_64.rpm

Source:
27aefaa5049fbe2eae663bca4d17c93281223bdae48cf918b774ee2ad6d7fec3 thunderbird-52.6.0-1.el6.centos.src.rpm

CentOS 7:

x86_64:
c5a42870fd0dbb44e82f8030a889a0bdf8cb2f8b1becb9d49763070d47820ff0 thunderbird-52.6.0-1.el7.centos.x86_64.rpm

Source:
92c034d0d0f6895453c4e371841d78a5bfdedb11df63cf21a1d1c341c5216f35 thunderbird-52.6.0-1.el7.centos.src.rpm
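The checksums above are only useful if someone actually compares them against what the mirror delivered. The following script is an added example (not code from SecurityTracker or the CentOS project): it takes the advisory's "sha256sum Filename" lines verbatim as a manifest, skips the arch labels, and reports each RPM in a download directory as OK, MISMATCH or MISSING; the function names `sha256_of` and `verify_rpms` are this example's own.

```shell
#!/bin/sh
# Added example, not part of the SecurityTracker alert or the CentOS announcement.
# Checks downloaded thunderbird RPMs against the "sha256sum Filename" pairs the
# advisory publishes, so a mirror that served a stale or altered package is
# caught before installation. Complements, not replaces, rpm --checksig.

# Print the SHA-256 hex digest of one file (coreutils sha256sum, else BSD shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_rpms MANIFEST DIR
# MANIFEST holds the advisory lines verbatim: "<64 hex digits>  <filename>".
# Blank lines and arch labels such as "x86_64:" or "Source:" are skipped.
# Returns 0 only when every listed file exists in DIR with the expected digest.
verify_rpms() {
    manifest=$1; dir=$2; bad=0
    while read -r expected name _; do
        [ -n "$name" ] || continue                          # label or blank line
        expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
        case "$expected" in *[!0-9a-f]*) continue ;; esac  # not a hex digest
        [ ${#expected} -eq 64 ] || continue                 # not SHA-256 length
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name"; bad=1; continue
        fi
        actual=$(sha256_of "$dir/$name")
        if [ "$actual" = "$expected" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name: expected $expected, got $actual"; bad=1
        fi
    done < "$manifest"
    return $bad
}

# Usage: paste the advisory's i386 / x86_64 / Source lines into manifest.txt, then
#   verify_rpms manifest.txt ./downloads && echo "safe to install"
```

A nonzero exit from `verify_rpms` should stop the update step; the script prints which file failed so the mismatch can be investigated rather than retried blindly.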

Cause:   Access control error, Boundary error, Input validation error, State error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6, 7

Message History:   This archive entry is a follow-up to the message listed below.
Jan 24 2018 Mozilla Firefox Multiple Bugs Let Remote Users Spoof URLs, Bypass Cross-Domain Security Restrictions, Obtain Potentially Sensitive Information, and Execute Arbitrary Code



Source Message Contents

Subject:  [CentOS-announce] CESA-2018:0262 Important CentOS 6 thunderbird Security Update


CentOS Errata and Security Advisory 2018:0262 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0262

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
4c5faa32a2ce2a7945e7e58a31c90a29f5c8bbc1522299ca8074ff0b179fe244  thunderbird-52.6.0-1.el6.centos.i686.rpm

x86_64:
4f97f078cdf9f020ebc5cad99100a54f18bb74b23673f8226fb77763320cebc8  thunderbird-52.6.0-1.el6.centos.x86_64.rpm

Source:
27aefaa5049fbe2eae663bca4d17c93281223bdae48cf918b774ee2ad6d7fec3  thunderbird-52.6.0-1.el6.centos.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
Copyright 2019, SecurityGlobal.net LLC