Pardus: 2010-89: Thunderbird: Multiple
Posted by Benjamin D. Thomas   
Multiple vulnerabilities have been fixed in Thunderbird.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-89            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-06-30
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
=======
Multiple vulnerabilities have been fixed in Thunderbird.


Description
===========
CVE-2010-1121:

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the  scopes
of DOM nodes that are moved from one document to another, which  allows
remote attackers to conduct use-after-free attacks and execute arbitrary
code via unspecified vectors involving improper interaction with garbage
collection, as demonstrated by Nils during  a  Pwn2Own  competition  at
CanSecWest 2010.



CVE-2010-1196:

Integer overflow in the nsGenericDOMDataNode::SetTextInternal  function
in  Mozilla Firefox  3.5.x  before  3.5.10  and  3.6.x  before  3.6.4,
Thunderbird before 3.0.5, and  SeaMonkey  before  2.0.5  allows  remote
attackers to execute arbitrary code via a DOM node  with  a  long  text
value that triggers a heap-based buffer overflow.



CVE-2010-1199:

Integer overflow in the XSLT node  sorting  implementation  in  Mozilla
Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird  before
3.0.5, and SeaMonkey before 2.0.5 allows remote  attackers  to  execute
arbitrary code via a large text value for a node.
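
The bug class named in CVE-2010-1196 and CVE-2010-1199, as an added
illustration that is not Mozilla's code and not part of the original
advisory: 32-bit length arithmetic wraps on a very long text value, and a
checked form refuses the operation. The text_buf type, the function names
and the sample lengths are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical text buffer for illustration; not Mozilla's data structure. */
typedef struct { char *data; uint32_t len; } text_buf;

/* Unchecked 32-bit length arithmetic: the sum wraps modulo 2^32, so a
 * very long text value yields a small "new length". */
uint32_t new_len_unchecked(uint32_t cur, uint32_t add) {
    return cur + add;
}

/* Checked form: returns 0 and leaves *out untouched if the sum would wrap. */
int new_len_checked(uint32_t cur, uint32_t add, uint32_t *out) {
    if (add > UINT32_MAX - cur) return 0;
    *out = cur + add;
    return 1;
}

/* Append n bytes; fails closed (-1, buffer unchanged) on overflow or OOM. */
int text_append(text_buf *b, const char *src, uint32_t n) {
    uint32_t total;
    if (!new_len_checked(b->len, n, &total)) return -1;
    if (total == UINT32_MAX) return -1;       /* keep room for the NUL */
    char *p = realloc(b->data, (size_t)total + 1);
    if (!p) return -1;
    memcpy(p + b->len, src, n);
    p[total] = '\0';
    b->data = p;
    b->len = total;
    return 0;
}

int main(void) {
    /* Constructed lengths: an existing near-4 GiB value plus 0x20 bytes. */
    uint32_t cur = 0xFFFFFFF0u, add = 0x20u, total = 0;
    printf("unchecked length: %u\n", (unsigned)new_len_unchecked(cur, add));
    printf("checked accepted: %d\n", new_len_checked(cur, add, &total));
    text_buf b = {NULL, 0};
    int rc = text_append(&b, "hello", 5);
    printf("append rc=%d text=%s\n", rc, rc == 0 ? b.data : "(none)");
    free(b.data);
    return 0;
}
```

An allocation sized from the unchecked result would be 0x10 bytes while
the copy still covers the full text, which is the heap overflow condition
the descriptions refer to.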



CVE-2010-1200:

Multiple unspecified vulnerabilities in the browser engine  in  Mozilla
Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird  before
3.0.5, and SeaMonkey before 2.0.5 allow remote  attackers  to  cause  a
denial of service (memory corruption and application crash) or possibly
execute arbitrary code via unknown vectors.



CVE-2010-1201:

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x
before 3.5.10, Thunderbird before 3.0.5,  and  SeaMonkey  before  2.0.5
allows remote attackers to cause a denial of service (memory corruption
and application crash) or possibly execute arbitrary code  via  unknown
vectors.



CVE-2010-1202:

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla
Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird  before
3.0.5, and SeaMonkey before 2.0.5 allow remote  attackers  to  cause  a
denial of service (memory corruption and application crash) or possibly
execute arbitrary code via unknown vectors.



CVE-2010-1203:

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allows remote
attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via vectors that
trigger an assertion failure in jstracer.cpp.



Affected packages:

  Pardus 2009:
    thunderbird, all before 3.0.5-53-10


Resolution
==========
There are update(s) for thunderbird. You can update  them  via  Package
Manager or with a single command from console:

    pisi up thunderbird

References
==========
  * http://bugs.pardus.org.tr/show_bug.cgi?id603
  * http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html

------------------------------------------------------------------------