Skip to main content

Mozilla Thunderbird Multiple Vulnerabilities

Last Update Date: 27 Feb 2015 15:03 Release Date: 25 Feb 2015 737 Views

RISK: Medium Risk

TYPE: Clients - Email Clients

TYPE: Email Clients

Multiple vulnerabilities were identified in Mozilla Thunderbird, which could be exploited by remote attackers to cause arbitrary code execution, gain elevated privileges and disclose potentially sensitive information.

  • A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system.
  • When a local user runs the Mozilla updater (updater.exe) directly, the updater loads DLL files (bcrypt.dll and others) from the current working directory or from Windows temporary directories. A local user can create a specially crafted DLL and cause the DLL to be executed by the target user.
  • A remote user can create specially crafted content with IndexedDB that, when loaded by the target user, will trigger a use-after-free memory error in mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex() and crash or execute arbitrary code.
  • A remote user can create a specially crafted SVG graphic that, when loaded by the target user, will trigger a memory error in mozilla::gfx::CopyRect() and read uninitialized memory when rendered.
  • A remote user can manipulate the form autocomplete function to cause a local file in a known location to be uploaded.

Impact

  • Elevation of Privilege
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Versions prior to 31.5

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 31.5

Vulnerability Identifier


Source


Related Link