---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-604
2005-07-20
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : thunderbird
Version     : 1.0.6                      
Release     : 1.1.fc3                  
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

---------------------------------------------------------------------Update Information:

Mozilla Thunderbird is a standalone mail and newsgroup client.

A bug was found in the way Thunderbird handled anonymous functions during
regular expression string replacement. It is possible for a malicious HTML
mail to capture a random block of client memory. The Common
Vulnerabilities and Exposures project has assigned this bug the name
CAN-2005-0989.

A bug was found in the way Thunderbird validated several XPInstall related
JavaScript objects. A malicious HTML mail could pass other objects to the
XPInstall objects, resulting in the JavaScript interpreter jumping to
arbitrary locations in memory. (CAN-2005-1159)

A bug was found in the way the Thunderbird privileged UI code handled DOM
nodes from the content window. An HTML message could install malicious
JavaScript code or steal data when a user performs commonplace actions such
as clicking a link or opening the context menu. (CAN-2005-1160)

A bug was found in the way Thunderbird executed JavaScript code. JavaScript
executed from HTML mail should run with a restricted access level,
preventing dangerous actions. It is possible that a malicious HTML mail
could execute JavaScript code with elevated privileges, allowing access to
protected data and functions. (CAN-2005-1532)

A bug was found in the way Thunderbird executed Javascript in XBL controls.
It is possible for a malicious HTML mail to leverage this vulnerability to
execute other JavaScript based attacks even when JavaScript is disabled.
(CAN-2005-2261)

A bug was found in the way Thunderbird handled certain Javascript
functions. It is possible for a malicious HTML mail to crash the client by
executing malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Thunderbird handled child frames. It is possible
for a malicious framed HTML mail to steal sensitive information from its
parent frame. (CAN-2005-2266)

A bug was found in the way Thunderbird handled DOM node names. It is
possible for a malicious HTML mail to overwrite a DOM node name, allowing
certain privileged chrome actions to execute the malicious JavaScript.
(CAN-2005-2269)

A bug was found in the way Thunderbird cloned base objects. It is possible
for HTML content to navigate up the prototype chain to gain access to
privileged chrome objects. (CAN-2005-2270)

Users of Thunderbird are advised to upgrade to this updated package that
contains Thunderbird version 1.0.6 and is not vulnerable to these issues. 
---------------------------------------------------------------------* Wed Jul 20 2005 Christopher Aillon  1.0.6-1.1.fc3
- Update to 1.0.6

* Mon Jul 18 2005 Christopher Aillon  1.0.6-0.1.fc3
- 1.0.6 Release Candidate


---------------------------------------------------------------------This update can be downloaded from:
  
e060dd6ce427541531cc40c28a678643  SRPMS/thunderbird-1.0.6-1.1.fc3.src.rpm
617b9df6931ff067e896d29399849df0  x86_64/thunderbird-1.0.6-1.1.fc3.x86_64.rpm
8bcb33b02ad164e499e4109dc6909caa  x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.x86_64.rpm
2781375f4ff5c6280692d573787f5064  i386/thunderbird-1.0.6-1.1.fc3.i386.rpm
774d64ba857b9c430c3ae87471bc68f6  i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 3 Update: thunderbird-1.0.6-1.1.fc3

July 20, 2005
Fix various security related bugs.

Summary

Mozilla Thunderbird is a standalone mail and newsgroup client.

Mozilla Thunderbird is a standalone mail and newsgroup client.

A bug was found in the way Thunderbird handled anonymous functions during

regular expression string replacement. It is possible for a malicious HTML

mail to capture a random block of client memory. The Common

Vulnerabilities and Exposures project has assigned this bug the name

CAN-2005-0989.

A bug was found in the way Thunderbird validated several XPInstall related

JavaScript objects. A malicious HTML mail could pass other objects to the

XPInstall objects, resulting in the JavaScript interpreter jumping to

arbitrary locations in memory. (CAN-2005-1159)

A bug was found in the way the Thunderbird privileged UI code handled DOM

nodes from the content window. An HTML message could install malicious

JavaScript code or steal data when a user performs commonplace actions such

as clicking a link or opening the context menu. (CAN-2005-1160)

A bug was found in the way Thunderbird executed JavaScript code. JavaScript

executed from HTML mail should run with a restricted access level,

preventing dangerous actions. It is possible that a malicious HTML mail

could execute JavaScript code with elevated privileges, allowing access to

protected data and functions. (CAN-2005-1532)

A bug was found in the way Thunderbird executed Javascript in XBL controls.

It is possible for a malicious HTML mail to leverage this vulnerability to

execute other JavaScript based attacks even when JavaScript is disabled.

(CAN-2005-2261)

A bug was found in the way Thunderbird handled certain Javascript

functions. It is possible for a malicious HTML mail to crash the client by

executing malformed Javascript code. (CAN-2005-2265)

A bug was found in the way Thunderbird handled child frames. It is possible

for a malicious framed HTML mail to steal sensitive information from its

parent frame. (CAN-2005-2266)

A bug was found in the way Thunderbird handled DOM node names. It is

possible for a malicious HTML mail to overwrite a DOM node name, allowing

certain privileged chrome actions to execute the malicious JavaScript.

(CAN-2005-2269)

A bug was found in the way Thunderbird cloned base objects. It is possible

for HTML content to navigate up the prototype chain to gain access to

privileged chrome objects. (CAN-2005-2270)

Users of Thunderbird are advised to upgrade to this updated package that

contains Thunderbird version 1.0.6 and is not vulnerable to these issues.

- Update to 1.0.6

* Mon Jul 18 2005 Christopher Aillon 1.0.6-0.1.fc3

- 1.0.6 Release Candidate

e060dd6ce427541531cc40c28a678643 SRPMS/thunderbird-1.0.6-1.1.fc3.src.rpm

617b9df6931ff067e896d29399849df0 x86_64/thunderbird-1.0.6-1.1.fc3.x86_64.rpm

8bcb33b02ad164e499e4109dc6909caa x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.x86_64.rpm

2781375f4ff5c6280692d573787f5064 i386/thunderbird-1.0.6-1.1.fc3.i386.rpm

774d64ba857b9c430c3ae87471bc68f6 i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-604 2005-07-20 Name : thunderbird Version : 1.0.6 Release : 1.1.fc3 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird handled anonymous functions during regular expression string replacement. It is possible for a malicious HTML mail to capture a random block of client memory. The Common Vulnerabilities and Exposures project has assigned this bug the name CAN-2005-0989. A bug was found in the way Thunderbird validated several XPInstall related JavaScript objects. A malicious HTML mail could pass other objects to the XPInstall objects, resulting in the JavaScript interpreter jumping to arbitrary locations in memory. (CAN-2005-1159) A bug was found in the way the Thunderbird privileged UI code handled DOM nodes from the content window. An HTML message could install malicious JavaScript code or steal data when a user performs commonplace actions such as clicking a link or opening the context menu. (CAN-2005-1160) A bug was found in the way Thunderbird executed JavaScript code. JavaScript executed from HTML mail should run with a restricted access level, preventing dangerous actions. It is possible that a malicious HTML mail could execute JavaScript code with elevated privileges, allowing access to protected data and functions. (CAN-2005-1532) A bug was found in the way Thunderbird executed Javascript in XBL controls. It is possible for a malicious HTML mail to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Thunderbird handled certain Javascript functions. It is possible for a malicious HTML mail to crash the client by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Thunderbird handled child frames. It is possible for a malicious framed HTML mail to steal sensitive information from its parent frame. (CAN-2005-2266) A bug was found in the way Thunderbird handled DOM node names. It is possible for a malicious HTML mail to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Thunderbird cloned base objects. It is possible for HTML content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Thunderbird are advised to upgrade to this updated package that contains Thunderbird version 1.0.6 and is not vulnerable to these issues. - Update to 1.0.6 * Mon Jul 18 2005 Christopher Aillon 1.0.6-0.1.fc3 - 1.0.6 Release Candidate e060dd6ce427541531cc40c28a678643 SRPMS/thunderbird-1.0.6-1.1.fc3.src.rpm 617b9df6931ff067e896d29399849df0 x86_64/thunderbird-1.0.6-1.1.fc3.x86_64.rpm 8bcb33b02ad164e499e4109dc6909caa x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.x86_64.rpm 2781375f4ff5c6280692d573787f5064 i386/thunderbird-1.0.6-1.1.fc3.i386.rpm 774d64ba857b9c430c3ae87471bc68f6 i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : thunderbird
Version : 1.0.6
Release : 1.1.fc3
Summary : Mozilla Thunderbird mail/newsgroup client

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved