10 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.106 Low
EPSS
Percentile
95.0%
Christian Holler, David Keeler and Byron Campen discovered multiple memory
safety issues in Thunderbird. If a user were tricked in to opening a
specially crafted message with scripting enabled, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2014-1547)
Atte Kettunen discovered a buffer overflow when interacting with WebAudio
buffers. If a user had enabled scripting, an attacker could potentially
exploit this to cause a denial of service via application crash or execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2014-1549)
Atte Kettunen discovered a use-after-free in WebAudio. If a user had
enabled scripting, an attacker could potentially exploit this to cause a
denial of service via application crash or execute arbitrary code with the
privileges of the user invoking Thunderbird. (CVE-2014-1550)
Jethro Beekman discovered a use-after-free when the FireOnStateChange
event is triggered in some circumstances. If a user had enabled scripting,
an attacker could potentially exploit this to cause a denial of service
via application crash or execute arbitrary code with the priviliges of
the user invoking Thunderbird. (CVE-2014-1555)
Patrick Cozzi discovered a crash when using the Cesium JS library to
generate WebGL content. If a user had enabled scripting, an attacker could
potentially exploit this to execute arbitrary code with the privilges of
the user invoking Thunderbird. (CVE-2014-1556)
Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in
CERT_DestroyCertificate. If a user had enabled scripting, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Thunderbird. (CVE-2014-1544)
A crash was discovered in Skia when scaling an image, if the scaling
operation takes too long. If a user had enabled scripting, an attacker
could potentially exploit this to execute arbitrary code with the
privileges of the user invoking Thunderbird. (CVE-2014-1557)
Christian Holler discovered several issues when parsing certificates
with non-standard character encoding, resulting in the inability to
use valid SSL certificates in some circumstances. (CVE-2014-1558,
CVE-2014-1559, CVE-2014-1560)
Boris Zbarsky discovered that network redirects could cause an iframe
to escape the confinements defined by its sandbox attribute in some
circumstances. If a user had enabled scripting, an attacker could
potentially exploit this to conduct cross-site scripting attacks.
(CVE-2014-1552)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.04 | noarch | thunderbird | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-dbg | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-dev | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-globalmenu | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-gnome-support | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-gnome-support-dbg | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-locale-af | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-locale-ar | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-locale-ast | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | thunderbird-locale-be | < 1:31.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
launchpad.net/bugs/1346007
ubuntu.com/security/CVE-2014-1544
ubuntu.com/security/CVE-2014-1547
ubuntu.com/security/CVE-2014-1549
ubuntu.com/security/CVE-2014-1550
ubuntu.com/security/CVE-2014-1552
ubuntu.com/security/CVE-2014-1555
ubuntu.com/security/CVE-2014-1556
ubuntu.com/security/CVE-2014-1557
ubuntu.com/security/CVE-2014-1558
ubuntu.com/security/CVE-2014-1559
ubuntu.com/security/CVE-2014-1560