Executive Summary
Summary | |
---|---|
Title | Thunderbird vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-329-1 | First vendor Publication | 2006-07-28 |
Vendor | Ubuntu | Last vendor Modification | 2006-07-28 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: After a standard system upgrade you need to restart Thunderbird to effect the necessary changes. Please note that Thunderbird 1.0.8 in Ubuntu 5.10 and Ubuntu 5.04 are also affected by these problems. Updates for these Ubuntu releases will be delayed due to upstream dropping support for this Thunderbird version. We strongly advise that you disable JavaScript to disable the attack vectors for most vulnerabilities if you use one of these Ubuntu versions. Details follow: Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812) A buffer overflow has been discovered in the handling of .vcard files. By tricking a user into importing a malicious vcard into his contacts, this could be exploited to execute arbitrary code with the user's privileges. (CVE-2006-3084) The "enigmail" plugin has been updated to work with the new Thunderbird version. |
Original Source
Url : http://www.ubuntu.com/usn/USN-329-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9934 | |||
Oval ID: | oval:org.mitre.oval:def:9934 | ||
Title: | Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. | ||
Description: | Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-3811 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-04-30 | Name : Mandriva Update for netcdf MDVA-2010:129 (netcdf) File : nvt/gb_mandriva_MDVA_2010_129.nasl |
2009-05-05 | Name : HP-UX Update for Thunderbird HPSBUX02156 File : nvt/gb_hp_ux_HPSBUX02156.nasl |
2009-02-27 | Name : Fedora Update for krb5 FEDORA-2007-620 File : nvt/gb_fedora_2007_620_krb5_fc5.nasl |
2009-02-27 | Name : Fedora Update for krb5 FEDORA-2007-034 File : nvt/gb_fedora_2007_034_krb5_fc5.nasl |
2009-02-27 | Name : Fedora Update for krb5 FEDORA-2007-409 File : nvt/gb_fedora_2007_409_krb5_fc5.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-21 (Heimdal) File : nvt/glsa_200608_21.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-15 (MIT Kerberos 5) File : nvt/glsa_200608_15.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-04 (Thunderbird) File : nvt/glsa_200608_04.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-03 (Firefox) File : nvt/glsa_200608_03.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-02 (SeaMonkey) File : nvt/glsa_200608_02.nasl |
2008-09-04 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox24.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1161-2 (mozilla-firefox) File : nvt/deb_1161_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1161-1 (mozilla-firefox) File : nvt/deb_1161_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1160-2 (mozilla) File : nvt/deb_1160_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1160-1 (mozilla) File : nvt/deb_1160_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1159-2 (mozilla-thunderbird) File : nvt/deb_1159_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1159-1 (mozilla-thunderbird) File : nvt/deb_1159_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1146-1 (krb5) File : nvt/deb_1146_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
27872 | MIT Kerberos 5 ksu seteuid() Local Privilege Escalation MIT Kerberos 5 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the seteuid() call fails in the ksu program. This flaw may lead to a loss of confidentiality and/or integrity. |
27871 | MIT Kerberos 5 ftpd seteuid() Local Privilege Escalation MIT Kerberos 5 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the seteuid() call fails in the ftpd program. This flaw may lead to a loss of confidentiality and/or integrity. |
27577 | Mozilla Multiple Products Removed Node Reference Unspecified Code Execution |
27576 | Mozilla Multiple Products crypto.generateCRMFRequest Deleted Context Code Exe... |
27575 | Mozilla Multiple Products Anonymous Box Selector Unspecified Code Execution |
27574 | Mozilla Multiple Products Table Row/Column Group Unspecified Code Execution |
27573 | Mozilla Multiple Products String Class Out-of-memory Code Execution |
27572 | Mozilla Multiple Products nsListControlFrame::FireMenuItemActiveEvent Arbitra... |
27571 | Mozilla Multiple Products String Function Objects Unspecified Overflow |
27570 | Mozilla Multiple Products toSource Method Overflow |
27569 | Mozilla Multiple Products Garbage Collection Temporary Object Handling Arbitr... |
27568 | Mozilla Multiple Products Standard Object() Constructor Manipulation Privileg... |
27566 | Mozilla Multiple Products UniversalXPConnect Privilege Escalation |
27565 | Mozilla Multiple Products XPCNativeWrapper(window).Function Construct XSS |
27564 | Mozilla Multiple Products Chrome Scheme Remote Script Execution |
27563 | Mozilla Multiple Products vCard Malformed Base64 Field Overflow |
27562 | Mozilla Multiple Products JavaScript Garbage Collection Race Condition Arbitr... |
27561 | Mozilla Multiple Products Top-level Object Method Native DOM XSS |
27560 | Mozilla Multiple Products Simultaneous XPCOM Events Memory Corruption Arbitra... Mozilla Firefox 1.5.0.1, 1.5.0.2, 1.5.0.3, and 1.5.0.4, Mozilla Thunderbird 1.5.0.1, 1.5.0.2, 1.5.0.3, and 1.5.0.4, and Mozilla SeaMonkey 1.0.2 contain a use-after-free error when handling simultaneously occurring XPCOM events. With a specially crafted web page, a remote attacker can execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2019-10-08 | Mozilla Firefox GeckoActiveXObject exploit attempt RuleID : 51394 - Revision : 2 - Type : BROWSER-OTHER |
2019-10-08 | Mozilla Firefox GeckoActiveXObject exploit attempt RuleID : 51393 - Revision : 2 - Type : BROWSER-OTHER |
2014-01-10 | Mozilla Firefox new function garbage collection remote code execution attempt RuleID : 18302 - Revision : 5 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox GeckoActiveXObject memory corruption attempt RuleID : 18301 - Revision : 5 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox Javascript engine function arguments memory corruption attempt RuleID : 18262 - Revision : 7 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla Firefox Javascript engine String.toSource memory corruption attempt RuleID : 18261 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla browsers memory corruption simultaneous XPCOM events code execution a... RuleID : 18178 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla browsers memory corruption simultaneous XPCOM events code execution a... RuleID : 18177 - Revision : 6 - Type : BROWSER-FIREFOX |
2014-01-10 | Mozilla browsers memory corruption simultaneous XPCOM events code execution a... RuleID : 18176 - Revision : 6 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0735.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0733.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_krb5-apps-servers-1938.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-1960.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-361-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-350-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-334-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-329-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-327-1.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-1981.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-1924.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_krb5-apps-clients-1937.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-1952.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-034.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-139.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-143.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-146.nasl - Type : ACT_GATHER_INFO |
2006-12-06 | Name : The remote host is missing Sun Security Patch number 120672-08 File : solaris9_x86_120672.nasl - Type : ACT_GATHER_INFO |
2006-12-06 | Name : The remote host is missing Sun Security Patch number 120672-08 File : solaris8_x86_120672.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119116-35 File : solaris10_x86_119116.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119115-36 File : solaris10_119115.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1161.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1160.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1159.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1146.nasl - Type : ACT_GATHER_INFO |
2006-08-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0594.nasl - Type : ACT_GATHER_INFO |
2006-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-21.nasl - Type : ACT_GATHER_INFO |
2006-08-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-15.nasl - Type : ACT_GATHER_INFO |
2006-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0609.nasl - Type : ACT_GATHER_INFO |
2006-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0608.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-02.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0611.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0610.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0609.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-04.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-03.nasl - Type : ACT_GATHER_INFO |
2006-07-29 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0611.nasl - Type : ACT_GATHER_INFO |
2006-07-29 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0610.nasl - Type : ACT_GATHER_INFO |
2006-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0608.nasl - Type : ACT_GATHER_INFO |
2006-07-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e2a926641d6011db88cf000c6ec775d9.nasl - Type : ACT_GATHER_INFO |
2006-07-27 | Name : A web browser on the remote host is prone to multiple flaws. File : seamonkey_103.nasl - Type : ACT_GATHER_INFO |
2006-07-27 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_1505.nasl - Type : ACT_GATHER_INFO |
2006-07-27 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1505.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:03:41 |
|
2013-05-11 12:25:33 |
|