Mozilla Thunderbird < 2.0.0.17 Multiple Vulnerabilities

2008-09-2600:00:00

Tenable

www.tenable.com

Versions of Mozilla Thunderbird prior to 2.0.0.17 are affected by the following vulnerabilities :

Using a specially crafted UTF-8 URL in a hyperlink, an attacker might be able to exploit a stack buffer overflow in the Mozilla URL parsing routes to execute arbitrary code (MFSA 2008-37).
It is possible to bypass the same-origin check in ‘nsXMLDocument::OnChannelRedirect()’ (MFSA 2008-38).
Privilege escalation is possible via ‘XPCnativeWrapper’ pollution (MFSA 2008-41).
There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption (MFSA 2008-42).
Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross-site scripting attacks (MFSA 2008-43).
The ‘resource:’ protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files (MFSA 2008-44).
There is a heap buffer overflow that can be triggered when canceling a newsgroup message (MFSA 2008-46).

Binary data 4696.prm

VendorProductVersionCPE
mozillathunderbirdcpe:/a:mozilla:thunderbird

Vendor	Product	Version	CPE
mozilla	thunderbird		cpe:/a:mozilla:thunderbird

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3835

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3837

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4060

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4061

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4064

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4067

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4068

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4069

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070

www.mozilla.org/security/announce/2008/mfsa2008-37.html

www.mozilla.org/security/announce/2008/mfsa2008-38.html

www.mozilla.org/security/announce/2008/mfsa2008-41.html

www.mozilla.org/security/announce/2008/mfsa2008-42.html

www.mozilla.org/security/announce/2008/mfsa2008-43.html

www.mozilla.org/security/announce/2008/mfsa2008-44.html

www.mozilla.org/security/announce/2008/mfsa2008-46.html

www.securityfocus.com/bid/31346