Executive Summary

Informations
NameMDVSA-2011:042First vendor Publication2011-03-07
VendorMandrivaLast vendor Modification2011-03-07
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Security issues were identified and fixed in mozilla-thunderbird:

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-0053).

Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image (CVE-2011-0061).

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-0062).

The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element (CVE-2010-1585).

Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490

Additionally, some packages which require so, have been rebuilt and are being provided as updates.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:042

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12532
 
Oval ID: oval:org.mitre.oval:def:12532
Title: Remote code execution vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 through ParanoidFragmentSink protection mechanism
Description: The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1585
Version: 12
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21816
 
Oval ID: oval:org.mitre.oval:def:21816
Title: RHSA-2011:0312: thunderbird security update (Moderate)
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: unix Class: patch
Reference(s): RHSA-2011:0312-01
CVE-2011-0051
CVE-2011-0053
Version: 29
Platform(s): Red Hat Enterprise Linux 5
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14379
 
Oval ID: oval:org.mitre.oval:def:14379
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0053
Version: 11
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Thunderbird
Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23238
 
Oval ID: oval:org.mitre.oval:def:23238
Title: ELSA-2011:0312: thunderbird security update (Moderate)
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: unix Class: patch
Reference(s): ELSA-2011:0312-01
CVE-2011-0051
CVE-2011-0053
Version: 10
Platform(s): Oracle Linux 4
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14486
 
Oval ID: oval:org.mitre.oval:def:14486
Title: Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
Description: Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0061
Version: 11
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21522
 
Oval ID: oval:org.mitre.oval:def:21522
Title: RHSA-2011:0311: thunderbird security update (Critical)
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: unix Class: patch
Reference(s): RHSA-2011:0311-01
CVE-2010-1585
CVE-2011-0053
CVE-2011-0061
CVE-2011-0062
Version: 55
Platform(s): Red Hat Enterprise Linux 6
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21214
 
Oval ID: oval:org.mitre.oval:def:21214
Title: RHSA-2011:0310: firefox security and bug fix update (Critical)
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: unix Class: patch
Reference(s): RHSA-2011:0310-01
CVE-2010-1585
CVE-2011-0051
CVE-2011-0053
CVE-2011-0054
CVE-2011-0055
CVE-2011-0056
CVE-2011-0057
CVE-2011-0058
CVE-2011-0059
CVE-2011-0061
CVE-2011-0062
Version: 146
Platform(s): Red Hat Enterprise Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14409
 
Oval ID: oval:org.mitre.oval:def:14409
Title: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0062
Version: 8
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000
Product(s): Mozilla Firefox
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23640
 
Oval ID: oval:org.mitre.oval:def:23640
Title: ELSA-2011:0311: thunderbird security update (Critical)
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: unix Class: patch
Reference(s): ELSA-2011:0311-01
CVE-2010-1585
CVE-2011-0053
CVE-2011-0061
CVE-2011-0062
Version: 18
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23573
 
Oval ID: oval:org.mitre.oval:def:23573
Title: ELSA-2011:0310: firefox security and bug fix update (Critical)
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: unix Class: patch
Reference(s): ELSA-2011:0310-01
CVE-2010-1585
CVE-2011-0051
CVE-2011-0053
CVE-2011-0054
CVE-2011-0055
CVE-2011-0056
CVE-2011-0057
CVE-2011-0058
CVE-2011-0059
CVE-2011-0061
CVE-2011-0062
Version: 46
Platform(s): Oracle Linux 4
Oracle Linux 6
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application101
Application56
Application81

OpenVAS Exploits

DateDescription
2012-07-09Name : RedHat Update for thunderbird RHSA-2011:0311-01
File : nvt/gb_RHSA-2011_0311-01_thunderbird.nasl
2011-05-12Name : Debian Security Advisory DSA 2186-1 (iceweasel)
File : nvt/deb_2186_1.nasl
2011-05-12Name : Debian Security Advisory DSA 2187-1 (icedove)
File : nvt/deb_2187_1.nasl
2011-05-10Name : Ubuntu Update for xulrunner-1.9.1 USN-1123-1
File : nvt/gb_ubuntu_USN_1123_1.nasl
2011-05-05Name : Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)
File : nvt/gb_mandriva_MDVSA_2011_080.nasl
2011-03-15Name : Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)
File : nvt/gb_mandriva_MDVSA_2011_042.nasl
2011-03-15Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-1049-2
File : nvt/gb_ubuntu_USN_1049_2.nasl
2011-03-10Name : Mozilla Products Browser Engine Multiple Unspecified Vulnerabilities March-11...
File : nvt/gb_mozilla_prdts_be_mult_unspecified_vuln_win_mar11.nasl
2011-03-10Name : Mozilla Products Buffer Overflow Vulnerability March-11 (Windows)
File : nvt/gb_mozilla_prdts_bof_vuln_win_mar11.nasl
2011-03-10Name : Mozilla Products Multiple Unspecified Vulnerabilities March-11 (Windows)
File : nvt/gb_mozilla_prdts_mult_unspecified_vuln_win_mar11.nasl
2011-03-09Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox54.nasl
2011-03-09Name : Debian Security Advisory DSA 2180-1 (iceape)
File : nvt/deb_2180_1.nasl
2011-03-08Name : Mandriva Update for firefox MDVSA-2011:041 (firefox)
File : nvt/gb_mandriva_MDVSA_2011_041.nasl
2011-03-07Name : CentOS Update for firefox CESA-2011:0310 centos4 i386
File : nvt/gb_CESA-2011_0310_firefox_centos4_i386.nasl
2011-03-07Name : CentOS Update for thunderbird CESA-2011:0312 centos4 i386
File : nvt/gb_CESA-2011_0312_thunderbird_centos4_i386.nasl
2011-03-07Name : CentOS Update for seamonkey CESA-2011:0313 centos4 i386
File : nvt/gb_CESA-2011_0313_seamonkey_centos4_i386.nasl
2011-03-07Name : Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-1049-1
File : nvt/gb_ubuntu_USN_1049_1.nasl
2011-03-07Name : Ubuntu Update for thunderbird vulnerabilities USN-1050-1
File : nvt/gb_ubuntu_USN_1050_1.nasl
2011-03-07Name : RedHat Update for firefox RHSA-2011:0310-01
File : nvt/gb_RHSA-2011_0310-01_firefox.nasl
2011-03-07Name : RedHat Update for thunderbird RHSA-2011:0312-01
File : nvt/gb_RHSA-2011_0312-01_thunderbird.nasl
2011-03-07Name : RedHat Update for seamonkey RHSA-2011:0313-01
File : nvt/gb_RHSA-2011_0313-01_seamonkey.nasl
2010-05-04Name : Mozilla Firefox Code Execution Vulnerability (Win) - May10
File : nvt/gb_firefox_code_exe_vuln_win_may10.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
72466Mozilla Multiple Products JPEG Image Decoding Overflow
72465Mozilla Multiple Products ParanoidFragmentSink nsIScriptableUnescapeHTML.pars...
72454Mozilla Multiple Products JSObject::dropProperty Memory Corruption
72449Mozilla Multiple Products jstracer.cpp TraceRecorder::box_jsval() Function Me...
72448Mozilla Multiple Products nsUTF8ToUnicode Buffer Overrun Memory Corruption
72447Mozilla Multiple Products nsEUCJPToUnicodeV2::Convert Buffer Writing Memory C...
72446Mozilla Multiple Products AddRef() nsNPAPIPluginInstance::mOwner Deleted Obje...
72445Mozilla Multiple Products js/src/xpconnect/src/xpcwrappednative.cpp Incorrect...
72444Mozilla Multiple Products nsSHTransaction::GetPrev Memory Corruption DoS
72443Mozilla Multiple Products Valgrind Testcase Invalid Read / Write Memory Corru...
72442Mozilla Multiple Products abs.pos. Continuations Style Context Memory Corruption
72441Mozilla Multiple Products v_ins->isF64() /jstracer.cpp:9347 Assertion Fail...
72440Mozilla Multiple Products popTemplateRule Call txExecutionState.init Memory C...
72439Mozilla Multiple Products GC / OOM Reporting Title Lock Function Allocation M...
72438Mozilla Multiple Products nsXULTemplateBuilder/nsXULTemplateQueryProcessorXML...
72437Mozilla Multiple Products jsapi.cpp JS_ResolveStandardClass String.prototype ...
64150Mozilla Firefox nsIScriptableUnescapeHTML.parseFragment Method Multiple Eleme...

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0310.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2011-0311.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2011-0312.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0313.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2011-0374.nasl - Type : ACT_GATHER_INFO
2013-01-08Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_seamonkey_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20110301_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20110301_thunderbird_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-7421.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1123-1.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for mozilla-xulrunner191
File : suse_11_2_mozilla-xulrunner191-110302.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for MozillaFirefox
File : suse_11_2_MozillaFirefox-110308.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for MozillaThunderbird
File : suse_11_2_MozillaThunderbird-110302.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for seamonkey
File : suse_11_2_seamonkey-110302.nasl - Type : ACT_GATHER_INFO
2011-05-02Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-080.nasl - Type : ACT_GATHER_INFO
2011-03-24Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2011-0374.nasl - Type : ACT_GATHER_INFO
2011-03-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0374.nasl - Type : ACT_GATHER_INFO
2011-03-14Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-xulrunner191-110303.nasl - Type : ACT_GATHER_INFO
2011-03-14Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-110307.nasl - Type : ACT_GATHER_INFO
2011-03-14Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner191-7363.nasl - Type : ACT_GATHER_INFO
2011-03-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2186.nasl - Type : ACT_GATHER_INFO
2011-03-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2187.nasl - Type : ACT_GATHER_INFO
2011-03-08Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-042.nasl - Type : ACT_GATHER_INFO
2011-03-08Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1049-2.nasl - Type : ACT_GATHER_INFO
2011-03-07Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-041.nasl - Type : ACT_GATHER_INFO
2011-03-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2180.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Windows host contains a web browser affected by multiple vulnerabi...
File : mozilla_firefox_3517.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Windows host contains a web browser affected by multiple vulnerabi...
File : mozilla_firefox_3614.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1049-1.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1050-1.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_318.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2011-0310.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2011-0312.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0313.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Windows host contains a web browser affected by multiple vulnerabi...
File : seamonkey_2012.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_45f102cd445611e095804061862b8c22.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0310.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0311.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-0312.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0313.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:42:07
  • Multiple Updates