CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
96.1%
Multiple memory safety issues were discovered in Thunderbird. If a user
were tricked in to opening a specially crafted message with scripting
enabled, an attacker could possibly exploit these to cause a denial of
service via application crash, or potentially execute arbitrary code with
the privileges of the user invoking Thunderbird. (CVE-2013-1718)
Atte Kettunen discovered a flaw in the HTML5 Tree Builder when interacting
with template elements. If a user had scripting enabled, in some
circumstances an attacker could potentially exploit this to execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2013-1720)
Alex Chapman discovered an integer overflow vulnerability in the ANGLE
library. If a user had scripting enabled, an attacker could potentially
exploit this to execute arbitrary code with the privileges of the user
invoking Thunderbird. (CVE-2013-1721)
Abhishek Arya discovered a use-after-free in the Animation Manager. If
a user had scripting enabled, an attacked could potentially exploit this
to execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2013-1722)
Scott Bell discovered a use-after-free when using a select element. If
a user had scripting enabled, an attacker could potentially exploit this
to execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2013-1724)
It was discovered that the scope of new Javascript objects could be
accessed before their compartment is initialized. If a user had scripting
enabled, an attacker could potentially exploit this to execute code with
the privileges of the user invoking Thunderbird. (CVE-2013-1725)
Dan Gohman discovered that some variables and data were used in IonMonkey,
without being initialized, which could lead to information leakage.
(CVE-2013-1728)
Sachin Shinde discovered a crash when moving some XBL-backed nodes
in to a document created by document.open(). If a user had scripting
enabled, an attacker could potentially exploit this to cause a denial
of service. (CVE-2013-1730)
Aki Helin discovered a buffer overflow when combining lists, floats and
multiple columns. If a user had scripting enabled, an attacker could
potentially exploit this to execute arbitrary code with the privileges
of the user invoking Thunderbird. (CVE-2013-1732)
Two memory corruption bugs when scrolling were discovered. If a user had
scripting enabled, an attacker could potentially exploit these to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Thunderbird. (CVE-2013-1735,
CVE-2013-1736)
Boris Zbarsky discovered that user-defined getters on DOM proxies would
use the expando object as “this”. If a user had scripting enabled, an
attacker could potentially exploit this by tricking add-on code in to
making incorrect security sensitive decisions based on malicious values.
(CVE-2013-1737)
A use-after-free bug was discovered in Thunderbird. If a user had
scripting enabled, an attacker could potentially exploit this to execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2013-1738)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 13.04 | noarch | thunderbird | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-dbg | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-dev | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-globalmenu | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-gnome-support | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-gnome-support-dbg | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-locale-af | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-locale-ar | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-locale-ast | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
Ubuntu | 13.04 | noarch | thunderbird-locale-be | < 1:24.0+build1-0ubuntu0.13.04.1 | UNKNOWN |
launchpad.net/bugs/1224912
ubuntu.com/security/CVE-2013-1718
ubuntu.com/security/CVE-2013-1720
ubuntu.com/security/CVE-2013-1721
ubuntu.com/security/CVE-2013-1722
ubuntu.com/security/CVE-2013-1724
ubuntu.com/security/CVE-2013-1725
ubuntu.com/security/CVE-2013-1728
ubuntu.com/security/CVE-2013-1730
ubuntu.com/security/CVE-2013-1732
ubuntu.com/security/CVE-2013-1735
ubuntu.com/security/CVE-2013-1736
ubuntu.com/security/CVE-2013-1737
ubuntu.com/security/CVE-2013-1738