icedove - several

Multiple vulnerabilities have been discovered in Icedove, Debian’s
version of the Mozilla Thunderbird mail client. The Common
Vulnerabilities and Exposures project identifies the following
problems:

• CVE-2012-3982
  Multiple unspecified vulnerabilities in the browser engine
  allow remote attackers to cause a denial of service (memory
  corruption and application crash) or possibly execute
  arbitrary code via unknown vectors.
• CVE-2012-3986
  Icedove does not properly restrict calls to DOMWindowUtils
  methods, which allows remote attackers to bypass intended
  access restrictions via crafted JavaScript code.
• CVE-2012-3990
  A Use-after-free vulnerability in the IME State Manager
  implementation allows remote attackers to execute arbitrary
  code via unspecified vectors, related to the
  nsIContent::GetNameSpaceID function.
• CVE-2012-3991
  Icedove does not properly restrict JSAPI access to the
  GetProperty function, which allows remote attackers to bypass
  the Same Origin Policy and possibly have unspecified other
  impact via a crafted web site.
• CVE-2012-4179
  A use-after-free vulnerability in the
  nsHTMLCSSUtils::CreateCSSPropertyTxn function allows remote
  attackers to execute arbitrary code or cause a denial of
  service (heap memory corruption) via unspecified vectors.
• CVE-2012-4180
  A heap-based buffer overflow in the
  nsHTMLEditor::IsPrevCharInNodeWhitespace function allows
  remote attackers to execute arbitrary code via unspecified
  vectors.
• CVE-2012-4182
  A use-after-free vulnerability in the
  nsTextEditRules::WillInsert function allows remote attackers
  to execute arbitrary code or cause a denial of service (heap
  memory corruption) via unspecified vectors.
• CVE-2012-4186
  A heap-based buffer overflow in the
  nsWav-eReader::DecodeAudioData function allows remote attackers
  to execute arbitrary code via unspecified vectors.
• CVE-2012-4188
  A heap-based buffer overflow in the Convolve3x3 function
  allows remote attackers to execute arbitrary code via
  unspecified vectors.

For the stable distribution (squeeze), these problems have been fixed
in version 3.0.11-1+squeeze14.

For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 10.0.9-1.

We recommend that you upgrade your icedove packages.