diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /metadata/glsa/glsa-200608-04.xml |
reinit the tree, so we can have metadata
Diffstat (limited to 'metadata/glsa/glsa-200608-04.xml')
-rw-r--r-- | metadata/glsa/glsa-200608-04.xml | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200608-04.xml b/metadata/glsa/glsa-200608-04.xml new file mode 100644 index 000000000000..0ff603d7def8 --- /dev/null +++ b/metadata/glsa/glsa-200608-04.xml @@ -0,0 +1,125 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="200608-04"> + <title>Mozilla Thunderbird: Multiple vulnerabilities</title> + <synopsis> + The Mozilla Foundation has reported numerous security vulnerabilities + related to Mozilla Thunderbird. + </synopsis> + <product type="ebuild">Thunderbird</product> + <announced>2006-08-03</announced> + <revised>2006-08-03: 01</revised> + <bug>141842</bug> + <access>remote</access> + <affected> + <package name="mail-client/mozilla-thunderbird" auto="yes" arch="*"> + <unaffected range="ge">1.5.0.5</unaffected> + <vulnerable range="lt">1.5.0.5</vulnerable> + </package> + <package name="mail-client/mozilla-thunderbird-bin" auto="yes" arch="*"> + <unaffected range="ge">1.5.0.5</unaffected> + <vulnerable range="lt">1.5.0.5</vulnerable> + </package> + </affected> + <background> + <p> + The Mozilla Thunderbird mail client is a redesign of the Mozilla Mail + component. The goal is to produce a cross-platform stand-alone mail + application using XUL (XML User Interface Language). + </p> + </background> + <description> + <p> + The following vulnerabilities have been reported: + </p> + <ul> + <li>Benjamin Smedberg discovered that chrome URLss could be made to + reference remote files.</li> + <li>Developers in the Mozilla community + looked for and fixed several crash bugs to improve the stability of + Mozilla clients.</li> + <li>"shutdown" reports that cross-site scripting + (XSS) attacks could be performed using the construct + XPCNativeWrapper(window).Function(...), which created a function that + appeared to belong to the window in question even after it had been + navigated to the target site.</li> + <li>"shutdown" reports that scripts + granting the UniversalBrowserRead privilege can leverage that into the + equivalent of the far more powerful UniversalXPConnect since they are + allowed to "read" into a privileged context.</li> + <li>"moz_bug_r_a4" + discovered that Named JavaScript functions have a parent object created + using the standard Object() constructor (ECMA-specified behavior) and + that this constructor can be redefined by script (also ECMA-specified + behavior).</li> + <li>Igor Bukanov and shutdown found additional places + where an untimely garbage collection could delete a temporary object + that was in active use.</li> + <li>Georgi Guninski found potential + integer overflow issues with long strings in the toSource() methods of + the Object, Array and String objects as well as string function + arguments.</li> + <li>H. D. Moore reported a testcase that was able to + trigger a race condition where JavaScript garbage collection deleted a + temporary variable still being used in the creation of a new Function + object.</li> + <li>A malicious page can hijack native DOM methods on a + document object in another domain, which will run the attacker's script + when called by the victim page.</li> + <li>Secunia Research has + discovered a vulnerability which is caused due to an memory corruption + error within the handling of simultaneously happening XPCOM events. + This leads to use of a deleted timer object.</li> + </ul> + </description> + <impact type="normal"> + <p> + A user can be enticed to open specially crafted URLs, visit webpages + containing malicious JavaScript or execute a specially crafted script. + These events could lead to the execution of arbitrary code, or the + installation of malware on the user's computer. + </p> + </impact> + <workaround> + <p> + There is no known workaround at this time. + </p> + </workaround> + <resolution> + <p> + All Mozilla Thunderbird users should upgrade to the latest version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-1.5.0.5"</code> + <p> + All Mozilla Thunderbird binary users should upgrade to the latest + version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-bin-1.5.0.5"</code> + </resolution> + <references> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3113">CVE-2006-3113</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3802">CVE-2006-3802</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3803">CVE-2006-3803</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3804">CVE-2006-3804</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3805">CVE-2006-3805</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3806">CVE-2006-3806</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3807">CVE-2006-3807</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3809">CVE-2006-3809</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3810">CVE-2006-3810</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3811">CVE-2006-3811</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3812">CVE-2006-3812</uri> + </references> + <metadata tag="requester" timestamp="2006-07-28T14:37:07Z"> + DerCorny + </metadata> + <metadata tag="submitter" timestamp="2006-07-28T18:08:55Z"> + dizzutch + </metadata> + <metadata tag="bugReady" timestamp="2006-08-03T16:54:43Z"> + DerCorny + </metadata> +</glsa> |