Lucene search
Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-915-1.NASLHistoryMar 19, 2010 - 12:00 a.m.
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : thunderbird vulnerabilities (USN-915-1)
2010-03-1900:00:00
Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
Several flaws were discovered in the JavaScript engine of Thunderbird.
If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0689, CVE-2009-2463, CVE-2009-3075)
Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3072)
It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3077)
Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left (RTL) override characters. If a user were tricked into opening a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. (CVE-2009-3376)
Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. If an NTLM authenticated user opened content containing links to a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983)
Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments. A remote attacker could send specially crafted content and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0163).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-915-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(45108);
script_version("1.20");
script_cvs_date("Date: 2019/09/19 12:54:26");
script_cve_id("CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3983", "CVE-2010-0163");
script_bugtraq_id(35769, 36343, 36851, 36867, 37366, 38831);
script_xref(name:"USN", value:"915-1");
script_name(english:"Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : thunderbird vulnerabilities (USN-915-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Several flaws were discovered in the JavaScript engine of Thunderbird.
If a user had JavaScript enabled and were tricked into viewing
malicious web content, a remote attacker could cause a denial of
service or possibly execute arbitrary code with the privileges of the
user invoking the program. (CVE-2009-0689, CVE-2009-2463,
CVE-2009-3075)
Josh Soref discovered that the BinHex decoder used in Thunderbird
contained a flaw. If a user were tricked into viewing malicious
content, a remote attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2009-3072)
It was discovered that Thunderbird did not properly manage memory when
using XUL tree elements. If a user were tricked into viewing malicious
content, a remote attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2009-3077)
Jesse Ruderman and Sid Stamm discovered that Thunderbird did not
properly display filenames containing right-to-left (RTL) override
characters. If a user were tricked into opening a malicious file with
a crafted filename, an attacker could exploit this to trick the user
into opening a different file than the user expected. (CVE-2009-3376)
Takehiro Takahashi discovered flaws in the NTLM implementation in
Thunderbird. If an NTLM authenticated user opened content containing
links to a malicious website, a remote attacker could send requests to
other applications, authenticated as the user. (CVE-2009-3983)
Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed
certain messages with attachments. A remote attacker could send
specially crafted content and cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2010-0163).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/915-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(16, 94, 119, 189);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:thunderbird");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:thunderbird-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2009/07/01");
script_set_attribute(attribute:"patch_publication_date", value:"2010/03/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/03/19");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(8\.04|8\.10|9\.04|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 8.10 / 9.04 / 9.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"8.04", pkgname:"mozilla-thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"mozilla-thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"thunderbird-gnome-support", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"mozilla-thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"mozilla-thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"thunderbird-gnome-support", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"mozilla-thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"mozilla-thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"thunderbird-gnome-support", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"mozilla-thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"mozilla-thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"thunderbird", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"thunderbird-dev", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"thunderbird-gnome-support", pkgver:"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mozilla-thunderbird / mozilla-thunderbird-dev / thunderbird / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | mozilla-thunderbird | p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird |
| canonical | ubuntu_linux | mozilla-thunderbird-dev | p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev |
| canonical | ubuntu_linux | thunderbird | p-cpe:/a:canonical:ubuntu_linux:thunderbird |
| canonical | ubuntu_linux | thunderbird-dev | p-cpe:/a:canonical:ubuntu_linux:thunderbird-dev |
| canonical | ubuntu_linux | thunderbird-gnome-support | p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support |
| canonical | ubuntu_linux | 8.04 | cpe:/o:canonical:ubuntu_linux:8.04:-:lts |
| canonical | ubuntu_linux | 8.10 | cpe:/o:canonical:ubuntu_linux:8.10 |
| canonical | ubuntu_linux | 9.04 | cpe:/o:canonical:ubuntu_linux:9.04 |
| canonical | ubuntu_linux | 9.10 | cpe:/o:canonical:ubuntu_linux:9.10 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0163
usn.ubuntu.com/915-1/
Related
openvas
openvas
Ubuntu Update for thunderbird vulnerabilities USN-915-1
2010-03-22 00:00:00
Ubuntu: Security Advisory (USN-915-1)
2010-03-22 00:00:00
FreeBSD Ports: seamonkey, linux-seamonkey
2010-03-30 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2010-03-18 00:00:00
Firefox and Xulrunner vulnerabilities
2009-09-10 00:00:00
nessus
nessus
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)
2010-03-30 00:00:00
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)
2010-03-30 00:00:00
Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities
2010-03-19 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-03-16 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11
2010-04-21 21:53:31
[SECURITY] Fedora 10 Update: blam-1.8.5-14.fc10
2009-09-11 23:28:07
[SECURITY] Fedora 10 Update: perl-Gtk2-MozEmbed-0.08-6.fc10.5
2009-09-11 23:28:07
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-07
2010-04-06 00:00:00
Mozilla Foundation Security Advisory 2009-62
2009-10-28 00:00:00
Sun Solaris 10 libc/*convert (*cvt) buffer overflow
2010-05-27 00:00:00
mozilla
mozilla
Download filename spoofing with RTL override — Mozilla
2009-10-27 00:00:00
NTLM reflection vulnerability — Mozilla
2009-12-15 00:00:00
debian
debian
[SECURITY] [DSA 2025-1] New icedove packages fix several vulnerabilities
2010-03-31 08:41:27
[Backports-security-announce] Security Update for nsrp
2010-07-21 08:26:53
[Backports-security-announce] Security Update for nsrp
2010-07-21 08:24:14
osv
osv
icedove - several vulnerabilities
2010-03-31 00:00:00
xulrunner - several vulnerabilities
2009-09-14 00:00:00
mono - security update
2018-11-01 00:00:00
redhat
redhat
(RHSA-2009:1431) Critical: seamonkey security update
2009-09-09 00:00:00
(RHSA-2010:0153) Moderate: thunderbird security update
2010-03-17 00:00:00
(RHSA-2010:0154) Moderate: thunderbird security update
2010-03-17 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2009-09-10 00:00:00
thunderbird security update
2010-03-17 00:00:00
centos
centos
seamonkey security update
2009-09-10 22:51:03
thunderbird security update
2010-03-17 18:24:23
thunderbird security update
2010-03-26 20:37:29
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:43:28
Remote Code Execution (RCE)
2020-04-10 00:36:53
Replay Attack
2020-04-10 00:40:52
ubuntucve
ubuntucve
cve
cve
prion
prion
Design/Logic Flaw
2009-12-17 17:30:00
Code injection
2009-10-29 14:30:00
Code injection
2010-03-23 00:53:00
seebug
seebug
Mozilla Firefox下载文件名欺骗漏洞
2009-11-03 00:00:00
Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
2010-03-19 00:00:00
多个BSD系统gdtoa/misc.c文件内存破坏漏洞
2009-06-30 00:00:00
packetstorm
packetstorm
Flock 2.5.2 Remote Array Overrun
2009-12-12 00:00:00
J 6.02.023 Array Overrun
2010-01-09 00:00:00
Matlab R2009b Array Overrun
2010-01-09 00:00:00
opera
opera
Heap buffer overflow in string to number conversion
2009-11-20 00:00:00
debiancve
debiancve
CVE-2009-0689
2009-07-01 13:00:00
CVE-2009-2463
2009-07-22 18:30:00
mageia
mageia
Updated mono packages fix security vulnerability
2016-01-14 04:44:39
zdi
zdi
Mozilla Firefox TreeColumns Dangling Pointer Vulnerability
2009-09-10 00:00:00
checkpoint_advisories
checkpoint_advisories
threatpost
threatpost
'High Risk' Flaw Fixed in Google Chrome
2009-10-06 22:32:02
Related for UBUNTU_USN-915-1.NASL