Executive Summary

Summary
Title Thunderbird vulnerabilities
Informations
NameUSN-1925-1First vendor Publication2013-08-07
VendorUbuntuLast vendor Modification2013-08-07
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Jeff Gilbert and Henrik Skupin discovered multiple memory safety issues
in Thunderbird. If the user were tricked in to opening a specially crafted
message with scripting enabled, an attacker could possibly exploit these
to cause a denial of service via application crash, or potentially execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2013-1701)

It was discovered that a document's URI could be set to the URI of
a different document. If a user had scripting enabled, an attacker
could potentially exploit this to conduct cross-site scripting (XSS)
attacks. (CVE-2013-1709)

A flaw was discovered when generating a CRMF request in certain
circumstances. If a user had scripting enabled, an attacker could
potentially exploit this to conduct cross-site scripting (XSS) attacks,
or execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2013-1710)

Cody Crews discovered that some Javascript components performed security
checks against the wrong URI, potentially bypassing same-origin policy
restrictions. If a user had scripting enabled, an attacker could exploit
this to conduct cross-site scripting (XSS) attacks or install addons
from a malicious site. (CVE-2013-1713)

Federico Lanusse discovered that web workers could bypass cross-origin
checks when using XMLHttpRequest. If a user had scripting enabled, an
attacker could potentially exploit this to conduct cross-site scripting
(XSS) attacks. (CVE-2013-1714)

Georgi Guninski and John Schoenick discovered that Java applets could
access local files under certain circumstances. If a user had scripting
enabled, an attacker could potentially exploit this to steal confidential
data. (CVE-2013-1717)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
thunderbird 17.0.8+build1-0ubuntu0.13.04.1

Ubuntu 12.10:
thunderbird 17.0.8+build1-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
thunderbird 17.0.8+build1-0ubuntu0.12.04.1

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1925-1
CVE-2013-1701, CVE-2013-1709, CVE-2013-1710, CVE-2013-1713,
CVE-2013-1714, CVE-2013-1717, https://launchpad.net/bugs/1208041

Package Information:
https://launchpad.net/ubuntu/+source/thunderbird/17.0.8+build1-0ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/thunderbird/17.0.8+build1-0ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/thunderbird/17.0.8+build1-0ubuntu0.12.04.1


Original Source

Url : http://www.ubuntu.com/usn/USN-1925-1

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls
CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18514
 
Oval ID: oval:org.mitre.oval:def:18514
Title: Miscellaneous memory safety hazards
Description: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1701
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18531
 
Oval ID: oval:org.mitre.oval:def:18531
Title: Document URI misrepresentation and masquerading
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1709
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18773
 
Oval ID: oval:org.mitre.oval:def:18773
Title: CRMF requests allow for code execution and XSS attacks
Description: The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1710
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18884
 
Oval ID: oval:org.mitre.oval:def:18884
Title: Wrong principal used for validating URI for some Javascript components
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1713
Version: 9
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18002
 
Oval ID: oval:org.mitre.oval:def:18002
Title: Same-origin bypass with web workers and XMLHttpRequest
Description: The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1714
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20604
 
Oval ID: oval:org.mitre.oval:def:20604
Title: RHSA-2013:1140: firefox security update (Critical)
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family: unix Class: patch
Reference(s): RHSA-2013:1140-01
CESA-2013:1140
CVE-2013-1701
CVE-2013-1709
CVE-2013-1710
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717
Version: 87
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): firefox
xulrunner
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18367
 
Oval ID: oval:org.mitre.oval:def:18367
Title: Local Java applets may read contents of local file system
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1717
Version: 10
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24091
 
Oval ID: oval:org.mitre.oval:def:24091
Title: ELSA-2013:1142: thunderbird security update (Important)
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family: unix Class: patch
Reference(s): ELSA-2013:1142-02
CVE-2013-1701
CVE-2013-1709
CVE-2013-1710
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717
Version: 26
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24083
 
Oval ID: oval:org.mitre.oval:def:24083
Title: ELSA-2013:1140: firefox security update (Critical)
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family: unix Class: patch
Reference(s): ELSA-2013:1140-01
CVE-2013-1701
CVE-2013-1709
CVE-2013-1710
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717
Version: 26
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22906
 
Oval ID: oval:org.mitre.oval:def:22906
Title: ELSA-2013:1140: firefox security update (Critical)
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family: unix Class: patch
Reference(s): ELSA-2013:1140-01
CVE-2013-1701
CVE-2013-1709
CVE-2013-1710
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717
Version: 26
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22897
 
Oval ID: oval:org.mitre.oval:def:22897
Title: ELSA-2013:1142: thunderbird security update (Important)
Description: Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
Family: unix Class: patch
Reference(s): ELSA-2013:1142-02
CVE-2013-1701
CVE-2013-1709
CVE-2013-1710
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717
Version: 26
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7
Application8
Application147
Application8
Application8

ExploitDB Exploits

idDescription
2013-12-24Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

Metasploit Database

idDescription
2013-08-06 Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution

Nessus® Vulnerability Scanner

DateDescription
2013-09-28Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-23.nasl - Type : ACT_GATHER_INFO
2013-08-30Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2746.nasl - Type : ACT_GATHER_INFO
2013-08-14Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-130809.nasl - Type : ACT_GATHER_INFO
2013-08-14Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-130810.nasl - Type : ACT_GATHER_INFO
2013-08-09Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2735.nasl - Type : ACT_GATHER_INFO
2013-08-09Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_0998e79d005511e3905b0025905a4771.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Windows host contains a web browser that is potentially affected b...
File : seamonkey_220.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1140.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1142.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Mac OS X host contains a web browser that is potentially affected ...
File : macosx_firefox_17_0_8_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Mac OS X host contains a mail client that is potentially affected ...
File : macosx_thunderbird_17_0_8.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Mac OS X host contains a mail client that is potentially affected ...
File : macosx_thunderbird_17_0_8_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Mac OS X host contains a web browser that is potentially affected ...
File : macosx_firefox_23.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1925-1.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Windows host contains a mail client that is potentially affected b...
File : mozilla_thunderbird_1708.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Windows host contains a mail client that is potentially affected b...
File : mozilla_thunderbird_1708_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1140.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-1142.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130807_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130807_thunderbird_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Windows host contains a web browser that is potentially affected b...
File : mozilla_firefox_1708_esr.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1140.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-1142.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote Windows host contains a web browser that is potentially affected b...
File : mozilla_firefox_23.nasl - Type : ACT_GATHER_INFO
2013-08-07Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1924-1.nasl - Type : ACT_GATHER_INFO
2013-08-07Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1924-2.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 12:02:22
  • Multiple Updates
2013-08-07 21:23:23
  • Multiple Updates
2013-08-07 17:20:41
  • First insertion