Mozilla Thunderbird Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Clients - Email Clients
Multiple vulnerabilities were identified in Mozilla Thunderbird, which could be exploited by remote attackers to cause arbitrary code execution, gain elevated privileges and disclose potentially sensitive information.
- A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system.
- When a local user runs the Mozilla updater (updater.exe) directly, the updater loads DLL files (bcrypt.dll and others) from the current working directory or from Windows temporary directories. A local user can create a specially crafted DLL and cause the DLL to be executed by the target user.
- A remote user can create specially crafted content with IndexedDB that, when loaded by the target user, will trigger a use-after-free memory error in mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex() and crash or execute arbitrary code.
- A remote user can create a specially crafted SVG graphic that, when loaded by the target user, will trigger a memory error in mozilla::gfx::CopyRect() and read uninitialized memory when rendered.
- A remote user can manipulate the form autocomplete function to cause a local file in a known location to be uploaded.
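The updater DLL-loading issue described above leaves a trace in image-load telemetry: updater.exe loading a DLL from somewhere other than the system or install directory. The following detection sketch is an added example, not code from this advisory or from Mozilla. It assumes Sysmon Event ID 7 style fields (Image, ImageLoaded), default Windows and Thunderbird install paths, and constructed sample events.

```python
import ntpath

# Assumptions: default Windows and Thunderbird install paths; adjust per fleet.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
INSTALL_DIRS = {r"c:\program files\mozilla thunderbird",
                r"c:\program files (x86)\mozilla thunderbird"}
TEMP_MARKERS = (r"\appdata\local\temp", r"\windows\temp")
# Only bcrypt.dll is named in the advisory; extend with other system DLL names.
SYSTEM_DLL_NAMES = {"bcrypt.dll"}


def classify_load(image, image_loaded):
    """Return None for an expected load, else a (severity, reason) tuple."""
    if ntpath.basename(image).lower() != "updater.exe":
        return None
    dll_dir, dll_name = ntpath.split(ntpath.normpath(image_loaded).lower())
    if dll_dir in SYSTEM_DIRS or dll_dir in INSTALL_DIRS:
        return None
    in_temp = any(marker in dll_dir for marker in TEMP_MARKERS)
    where = "temp directory" if in_temp else "untrusted directory"
    # A system DLL name outside the system directory is the strongest signal.
    severity = "high" if dll_name in SYSTEM_DLL_NAMES else "medium"
    return severity, f"{dll_name} loaded from {where}: {dll_dir}"


def scan(events):
    """Yield (event, severity, reason) for every suspicious image load."""
    for ev in events:
        finding = classify_load(ev["Image"], ev["ImageLoaded"])
        if finding:
            yield ev, finding[0], finding[1]


# Constructed sample events using Sysmon Event ID 7 field names.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Downloads\updater.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\bcrypt.dll"},
    {"Image": r"C:\Program Files\Mozilla Thunderbird\updater.exe",
     "ImageLoaded": r"C:\Windows\System32\bcrypt.dll"},
    {"Image": r"C:\Program Files\Mozilla Thunderbird\updater.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\helper.dll"},
    {"Image": r"C:\Windows\explorer.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\bcrypt.dll"},
]

if __name__ == "__main__":
    for ev, severity, reason in scan(SAMPLE_EVENTS):
        print(f"[{severity}] {ev['Image']}: {reason}")
```

Loads from the system and install directories are treated as expected; everything else loaded by updater.exe is reported, with a system DLL name outside the system directory ranked highest.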
Impact
- Elevation of Privilege
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Versions prior to 31.5
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Update to version 31.5