[ASA-201811-10] thunderbird: arbitrary code execution

Jelle van der Waa jelle at archlinux.org
Sun Nov 11 20:51:06 UTC 2018


Arch Linux Security Advisory ASA-201811-10
==========================================

Severity: Critical
Date    : 2018-11-06
CVE-ID  : CVE-2018-12389 CVE-2018-12390 CVE-2018-12392
Package : thunderbird
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-803

Summary
=======

The package thunderbird before version 60.3.0-1 is vulnerable to
arbitrary code execution.

Resolution
==========

Upgrade to 60.3.0-1.

# pacman -Syu "thunderbird>=60.3.0-1"

The problems have been fixed upstream in version 60.3.0.
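
As an added check, not part of the advisory or of pacman itself: a small Python script that decides whether an installed thunderbird package is still below the fixed release 60.3.0-1. It takes the `name version` line printed by `pacman -Q thunderbird`, so it can also be run offline over captured package lists from many hosts; the version ordering (epoch, then pkgver, then pkgrel, with rpmvercmp-style segment comparison) is a re-implementation assumed to match pacman's vercmp for ordinary release numbers.

```python
"""Is the installed thunderbird still below the fixed release 60.3.0-1?
Added example, not part of the advisory or of pacman; rpmvercmp-style ordering
(assumed to match pacman's vercmp for ordinary release numbers)."""
import re

FIXED_VERSION = "60.3.0-1"  # fixed version named in the advisory

def _split_version(ver):
    """'epoch:pkgver-pkgrel' -> (epoch, pkgver, pkgrel); epoch defaults to 0."""
    epoch = 0
    if ":" in ver:
        epoch, ver = ver.split(":", 1)
        epoch = int(epoch)
    pkgver, _, pkgrel = ver.partition("-")
    return epoch, pkgver, pkgrel or "0"

def _cmp_segments(a, b):
    """Compare version strings segment by segment; returns -1, 0 or 1."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alpha
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    # leftover segments: a trailing number wins, a trailing alpha loses
    if len(sa) > len(sb):
        return 1 if sa[len(sb)].isdigit() else -1
    return -1 if sb[len(sa)].isdigit() else 1

def vercmp(a, b):
    """pacman-style comparison: epoch first, then pkgver, then pkgrel."""
    ea, va, ra = _split_version(a)
    eb, vb, rb = _split_version(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return _cmp_segments(va, vb) or _cmp_segments(ra, rb)

def is_vulnerable(pacman_q_line, fixed=FIXED_VERSION):
    """Decide from one 'name version' line as printed by `pacman -Q`."""
    name, _, version = pacman_q_line.strip().partition(" ")
    if name != "thunderbird" or not version:
        raise ValueError("expected 'thunderbird <version>', got %r" % pacman_q_line)
    return vercmp(version, fixed) < 0
```

Pipe the output of `pacman -Q thunderbird` (or a saved copy of it) into `is_vulnerable`; a constructed line such as `thunderbird 60.2.1-1` yields True, while `thunderbird 60.3.0-1` yields False.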

Workaround
==========

None.

Description
===========

- CVE-2018-12389 (arbitrary code execution)

Several memory safety bugs have been found in Thunderbird versions
prior to 63.0. Some of these bugs showed evidence of memory corruption
and Mozilla engineers presume that with enough effort some of these
could be exploited to run arbitrary code.

- CVE-2018-12390 (arbitrary code execution)

Several memory safety bugs have been found in Firefox and Thunderbird
versions prior to 63.0. Some of these bugs showed evidence of memory
corruption and Mozilla engineers presume that with enough effort some
of these could be exploited to run arbitrary code.

- CVE-2018-12392 (arbitrary code execution)

A security issue has been found in Firefox and Thunderbird versions
prior to 63.0. When manipulating user events in nested loops while
opening a document through script, it is possible to trigger a
potentially exploitable crash due to poor event handling.

Impact
======

A remote attacker is able to execute arbitrary code via a specially
crafted HTML document.

References
==========

https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12390
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12390
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1487098%2C1487660%2C1490234%2C1496159%2C1443748%2C1496340%2C1483905%2C1493347%2C1488803%2C1498701%2C1498482%2C1442010%2C1495245%2C1483699%2C1469486%2C1484905%2C1490561%2C1492524%2C1481844
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12392
https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/#CVE-2018-12392
https://bugzilla.mozilla.org/show_bug.cgi?id=1492823
https://security.archlinux.org/CVE-2018-12389
https://security.archlinux.org/CVE-2018-12390
https://security.archlinux.org/CVE-2018-12392