ID CVE-2007-1282
Summary Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:advanced_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:enterprise_server
  • cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
    cpe:2.3:o:redhat:enterprise_linux:4.0:-:workstation
  • Red Hat Desktop 4.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:4.0
  • Mozilla SeaMonkey 1.0
    cpe:2.3:a:mozilla:seamonkey:1.0
  • Mozilla SeaMonkey 1.0.1
    cpe:2.3:a:mozilla:seamonkey:1.0.1
  • Mozilla SeaMonkey 1.0.2
    cpe:2.3:a:mozilla:seamonkey:1.0.2
  • Mozilla SeaMonkey 1.0.3
    cpe:2.3:a:mozilla:seamonkey:1.0.3
  • Mozilla SeaMonkey 1.0.4
    cpe:2.3:a:mozilla:seamonkey:1.0.4
  • Mozilla SeaMonkey 1.0.5
    cpe:2.3:a:mozilla:seamonkey:1.0.5
  • Mozilla SeaMonkey 1.0.6
    cpe:2.3:a:mozilla:seamonkey:1.0.6
  • Mozilla SeaMonkey 1.0.7
    cpe:2.3:a:mozilla:seamonkey:1.0.7
  • Mozilla Thunderbird 0.1
    cpe:2.3:a:mozilla:thunderbird:0.1
  • Mozilla Thunderbird 0.2
    cpe:2.3:a:mozilla:thunderbird:0.2
  • Mozilla Thunderbird 0.3
    cpe:2.3:a:mozilla:thunderbird:0.3
  • Mozilla Thunderbird 0.4
    cpe:2.3:a:mozilla:thunderbird:0.4
  • Mozilla Thunderbird 0.5
    cpe:2.3:a:mozilla:thunderbird:0.5
  • Mozilla Thunderbird 0.6
    cpe:2.3:a:mozilla:thunderbird:0.6
  • Mozilla Thunderbird 0.7
    cpe:2.3:a:mozilla:thunderbird:0.7
  • Mozilla Thunderbird 0.7.1
    cpe:2.3:a:mozilla:thunderbird:0.7.1
  • Mozilla Thunderbird 0.7.2
    cpe:2.3:a:mozilla:thunderbird:0.7.2
  • Mozilla Thunderbird 0.7.3
    cpe:2.3:a:mozilla:thunderbird:0.7.3
  • Mozilla Thunderbird 0.8
    cpe:2.3:a:mozilla:thunderbird:0.8
  • Mozilla Thunderbird 0.9
    cpe:2.3:a:mozilla:thunderbird:0.9
  • Mozilla Thunderbird 1.0
    cpe:2.3:a:mozilla:thunderbird:1.0
  • Mozilla Thunderbird 1.0.1
    cpe:2.3:a:mozilla:thunderbird:1.0.1
  • Mozilla Thunderbird 1.0.2
    cpe:2.3:a:mozilla:thunderbird:1.0.2
  • Mozilla Thunderbird 1.0.3
    cpe:2.3:a:mozilla:thunderbird:1.0.3
  • Mozilla Thunderbird 1.0.4
    cpe:2.3:a:mozilla:thunderbird:1.0.4
  • Mozilla Thunderbird 1.0.5
    cpe:2.3:a:mozilla:thunderbird:1.0.5
  • Mozilla Thunderbird 1.0.6
    cpe:2.3:a:mozilla:thunderbird:1.0.6
  • Mozilla Thunderbird 1.0.7
    cpe:2.3:a:mozilla:thunderbird:1.0.7
  • Mozilla Thunderbird 1.0.8
    cpe:2.3:a:mozilla:thunderbird:1.0.8
  • Mozilla Thunderbird 1.5
    cpe:2.3:a:mozilla:thunderbird:1.5
  • Mozilla Thunderbird 1.5.0.1
    cpe:2.3:a:mozilla:thunderbird:1.5.0.1
  • Mozilla Thunderbird 1.5.0.2
    cpe:2.3:a:mozilla:thunderbird:1.5.0.2
  • Mozilla Thunderbird 1.5.0.3
    cpe:2.3:a:mozilla:thunderbird:1.5.0.3
  • Mozilla Thunderbird 1.5.0.4
    cpe:2.3:a:mozilla:thunderbird:1.5.0.4
  • Mozilla Thunderbird 1.5.0.6
    cpe:2.3:a:mozilla:thunderbird:1.5.0.6
  • Mozilla Thunderbird 1.5.0.7
    cpe:2.3:a:mozilla:thunderbird:1.5.0.7
  • Mozilla Thunderbird 1.5.0.8
    cpe:2.3:a:mozilla:thunderbird:1.5.0.8
  • Mozilla Thunderbird 1.5.0.9
    cpe:2.3:a:mozilla:thunderbird:1.5.0.9
CVSS
Base: 9.3 (as of 07-03-2007 - 15:38)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2007-066-05.NASL
    description A new seamonkey package is available for Slackware 11.0 to fix security issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 24791
    published 2007-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24791
    title Slackware 11.0 : seamonkey (SSA:2007-066-05)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2007-066-04.NASL
    description New mozilla-thunderbird packages are available for Slackware 10.2, and 11.0 to fix security issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 24790
    published 2007-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24790
    title Slackware 10.2 / 11.0 : mozilla-thunderbird (SSA:2007-066-04)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0077.NASL
    description Updated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 26 February 2007] Packages for Red Hat Enterprise Linux 4 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. [Updated 12 March 2007] Packages for Red Hat Enterprise Linux 2.1 and 3 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A malicious web page could execute JavaScript code in such a way that may result in SeaMonkey crashing or executing arbitrary code as the user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way SeaMonkey processed certain malformed web pages. A malicious web page could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way SeaMonkey cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way SeaMonkey displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running SeaMonkey. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way SeaMonkey handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious web site to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.8 that corrects these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 24707
    published 2007-02-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24707
    title RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2007:0077)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200703-18.NASL
    description The remote host is affected by the vulnerability described in GLSA-200703-18 (Mozilla Thunderbird: Multiple vulnerabilities) Georgi Guninski reported a possible integer overflow in the code handling text/enhanced or text/richtext MIME emails. Additionally, various researchers reported errors in the JavaScript engine potentially leading to memory corruption. Additionally, the binary version of Mozilla Thunderbird includes a vulnerable NSS library which contains two possible buffer overflows involving the SSLv2 protocol. Impact : An attacker could entice a user to read a specially crafted email that could trigger one of the vulnerabilities, some of them being related to Mozilla Thunderbird's handling of JavaScript, possibly leading to the execution of arbitrary code. Workaround : There is no known workaround at this time for all of these issues, but some of them can be avoided by disabling JavaScript. Note that the execution of JavaScript is disabled by default and enabling it is strongly discouraged.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 24867
    published 2007-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24867
    title GLSA-200703-18 : Mozilla Thunderbird: Multiple vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0077.NASL
    description Updated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 26 February 2007] Packages for Red Hat Enterprise Linux 4 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. [Updated 12 March 2007] Packages for Red Hat Enterprise Linux 2.1 and 3 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A malicious web page could execute JavaScript code in such a way that may result in SeaMonkey crashing or executing arbitrary code as the user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way SeaMonkey processed certain malformed web pages. A malicious web page could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way SeaMonkey cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way SeaMonkey displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running SeaMonkey. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way SeaMonkey handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious web site to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.8 that corrects these issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 24703
    published 2007-02-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24703
    title CentOS 3 / 4 : seamonkey (CESA-2007:0077)
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_15010.NASL
    description The remote version of Mozilla Thunderbird suffers from various security issues, one of which may lead to execution of arbitrary code on the affected host subject to the user's privileges.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 24748
    published 2007-03-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24748
    title Mozilla Thunderbird < 1.5.0.10 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0077.NASL
    description From Red Hat Security Advisory 2007:0077 : Updated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 26 February 2007] Packages for Red Hat Enterprise Linux 4 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. [Updated 12 March 2007] Packages for Red Hat Enterprise Linux 2.1 and 3 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A malicious web page could execute JavaScript code in such a way that may result in SeaMonkey crashing or executing arbitrary code as the user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way SeaMonkey processed certain malformed web pages. A malicious web page could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way SeaMonkey cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way SeaMonkey displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running SeaMonkey. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way SeaMonkey handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious web site to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.8 that corrects these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67453
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67453
    title Oracle Linux 3 / 4 : seamonkey (ELSA-2007-0077)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1336.NASL
    description Several remote vulnerabilities have been discovered in Mozilla Firefox. This will be the last security update of Mozilla-based products for the oldstable (sarge) distribution of Debian. We recommend to upgrade to stable (etch) as soon as possible. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2007-1282 It was discovered that an integer overflow in text/enhanced message parsing allows the execution of arbitrary code. - CVE-2007-0994 It was discovered that a regression in the JavaScript engine allows the execution of JavaScript with elevated privileges. - CVE-2007-0995 It was discovered that incorrect parsing of invalid HTML characters allows the bypass of content filters. - CVE-2007-0996 It was discovered that insecure child frame handling allows cross-site scripting. - CVE-2007-0981 It was discovered that Firefox handles URI with a null byte in the hostname insecurely. - CVE-2007-0008 It was discovered that a buffer overflow in the NSS code allows the execution of arbitrary code. - CVE-2007-0009 It was discovered that a buffer overflow in the NSS code allows the execution of arbitrary code. - CVE-2007-0775 It was discovered that multiple programming errors in the layout engine allow the execution of arbitrary code. - CVE-2007-0778 It was discovered that the page cache calculates hashes in an insecure manner. - CVE-2006-6077 It was discovered that the password manager allows the disclosure of passwords.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 25779
    published 2007-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25779
    title Debian DSA-1336-1 : mozilla-firefox - several vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-308.NASL
    description - Thu Mar 1 2007 Martin Stransky 1.5.0.10-1 - Update to 1.5.0.10 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 24768
    published 2007-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24768
    title Fedora Core 6 : thunderbird-1.5.0.10-1.fc6 (2007-308)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0078.NASL
    description Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 06 March 2007] Updated text description to add CVE-2007-1282 and remove CVE-2007-0994, which was mistakenly listed as affecting Thunderbird. No changes have been made to these erratum packages. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML mail message could execute JavaScript code in such a way that may result in Thunderbird crashing or executing arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092) A flaw was found in the way Thunderbird processed text/enhanced and text/richtext formatted mail message. A specially crafted mail message could execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2007-1282) Several cross-site scripting (XSS) flaws were found in the way Thunderbird processed certain malformed HTML mail messages. A malicious HTML mail message could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way Thunderbird cached web content on the local disk. A malicious HTML mail message may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way Thunderbird displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way Thunderbird handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious HTML mail message to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.10 that corrects these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 24763
    published 2007-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24763
    title CentOS 4 : thunderbird (CESA-2007:0078)
  • NASL family Windows
    NASL id SEAMONKEY_108.NASL
    description The installed version of SeaMonkey contains various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user's privileges.
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 24735
    published 2007-02-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24735
    title SeaMonkey < 1.0.8 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0108.NASL
    description Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML mail message could execute JavaScript code in such a way that may result in Thunderbird crashing or executing arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way Thunderbird processed certain malformed HTML mail messages. A malicious HTML mail message could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way Thunderbird processed text/enhanced and text/richtext formatted mail message. A specially crafted mail message could execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2007-1282) A flaw was found in the way Thunderbird cached web content on the local disk. A malicious HTML mail message may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way Thunderbird displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way Thunderbird handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious HTML mail message to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.10 that corrects these issues.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 63841
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63841
    title RHEL 5 : thunderbird (RHSA-2007:0108)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0078.NASL
    description From Red Hat Security Advisory 2007:0078 : Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 06 March 2007] Updated text description to add CVE-2007-1282 and remove CVE-2007-0994, which was mistakenly listed as affecting Thunderbird. No changes have been made to these erratum packages. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML mail message could execute JavaScript code in such a way that may result in Thunderbird crashing or executing arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092) A flaw was found in the way Thunderbird processed text/enhanced and text/richtext formatted mail message. A specially crafted mail message could execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2007-1282) Several cross-site scripting (XSS) flaws were found in the way Thunderbird processed certain malformed HTML mail messages. A malicious HTML mail message could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way Thunderbird cached web content on the local disk. A malicious HTML mail message may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way Thunderbird displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way Thunderbird handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious HTML mail message to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.10 that corrects these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67454
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67454
    title Oracle Linux 4 : thunderbird (ELSA-2007-0078)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0078.NASL
    description Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 06 March 2007] Updated text description to add CVE-2007-1282 and remove CVE-2007-0994, which was mistakenly listed as affecting Thunderbird. No changes have been made to these erratum packages. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A malicious HTML mail message could execute JavaScript code in such a way that may result in Thunderbird crashing or executing arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092) A flaw was found in the way Thunderbird processed text/enhanced and text/richtext formatted mail message. A specially crafted mail message could execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2007-1282) Several cross-site scripting (XSS) flaws were found in the way Thunderbird processed certain malformed HTML mail messages. A malicious HTML mail message could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way Thunderbird cached web content on the local disk. A malicious HTML mail message may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way Thunderbird displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Thunderbird. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way Thunderbird handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious HTML mail message to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.10 that corrects these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 24774
    published 2007-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24774
    title RHEL 4 : thunderbird (RHSA-2007:0078)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0077-2.NASL
    description From Red Hat Security Advisory 2007:0077 : Updated SeaMonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 26 February 2007] Packages for Red Hat Enterprise Linux 4 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. [Updated 12 March 2007] Packages for Red Hat Enterprise Linux 2.1 and 3 have been updated to correct an issue which prevented Evolution and other applications linked against the NSS library from functioning. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A malicious web page could execute JavaScript code in such a way that may result in SeaMonkey crashing or executing arbitrary code as the user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way SeaMonkey processed certain malformed web pages. A malicious web page could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way SeaMonkey cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way SeaMonkey displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running SeaMonkey. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way SeaMonkey handled the 'location.hostname' value during certain browser domain checks. This flaw could allow a malicious web site to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.8 that corrects these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67452
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67452
    title Oracle Linux 4 : seamonkey (ELSA-2007-0077-2)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-309.NASL
    description - Thu Mar 1 2007 Martin Stransky 1.5.0.10-1 - Update to 1.5.0.10 - Tue Dec 19 2006 Matthias Clasen 1.5.0.9-2 - Add a Requires: launchmail (#219884) - Tue Dec 19 2006 Christopher Aillon 1.5.0.9-1 - Update to 1.5.0.9 - Take firefox's pango fixes - Don't offer to import...nothing. - Tue Nov 7 2006 Christopher Aillon 1.5.0.8-1 - Update to 1.5.0.8 - Allow choosing of download directory - Take the user to the correct directory from the Download Manager. - Patch to add support for printing via pango from Behdad. - Sun Oct 8 2006 Christopher Aillon - 1.5.0.7-4 - Default to use of system colors - Wed Oct 4 2006 Christopher Aillon - 1.5.0.7-3 - Bring the invisible character to parity with GTK+ - Wed Sep 27 2006 Christopher Aillon - 1.5.0.7-2 - Fix crash when changing gtk key theme - Prevent UI freezes while changing GNOME theme - Remove verbiage about pango; no longer required by upstream. - Wed Sep 13 2006 Christopher Aillon - 1.5.0.7-1 - Update to 1.5.0.7 - Thu Sep 7 2006 Christopher Aillon - 1.5.0.5-8 - Shuffle order of the install phase around - Thu Sep 7 2006 Christopher Aillon - 1.5.0.5-7 - Let there be art for Alt+Tab again - s/tbdir/mozappdir/g - Wed Sep 6 2006 Christopher Aillon - 1.5.0.5-6 - Fix for cursor position in editor widgets by tagoh and behdad (#198759) - Tue Sep 5 2006 Christopher Aillon - 1.5.0.5-5 - Update nopangoxft.patch - Fix rendering of MathML thanks to Behdad Esfahbod. - Update start page text to reflect the MathML fixes. - Enable pango by default on all locales - Build using -rpath - Re-enable GCC visibility - Thu Aug 3 2006 Kai Engert - 1.5.0.5-4 - Fix a build failure in mailnews mime code. - Tue Aug 1 2006 Matthias Clasen - 1.5.0.5-3 - Rebuild - Thu Jul 27 2006 Christopher Aillon - 1.5.0.5-2 - Update to 1.5.0.5 - Wed Jul 12 2006 Jesse Keating - 1.5.0.4-2.1 - rebuild - Mon Jun 12 2006 Kai Engert - 1.5.0.4-2 - Update to 1.5.0.4 - Fix desktop-file-utils requires Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 24769
    published 2007-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24769
    title Fedora Core 5 : thunderbird-1.5.0.10-1.fc5 (2007-309)
oval via4
accepted 2013-04-29T04:13:09.201-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.
family unix
id oval:org.mitre.oval:def:11313
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.
version 24
redhat via4
advisories
  • bugzilla
    id 230158
    title seamonkey-1.0.8-x (critical) update prevents evolution from starting
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment seamonkey is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077002
          • comment seamonkey is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734003
        • AND
          • comment seamonkey-chat is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077014
          • comment seamonkey-chat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734021
        • AND
          • comment seamonkey-devel is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077016
          • comment seamonkey-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734005
        • AND
          • comment seamonkey-dom-inspector is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077018
          • comment seamonkey-dom-inspector is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734011
        • AND
          • comment seamonkey-js-debugger is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077010
          • comment seamonkey-js-debugger is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734013
        • AND
          • comment seamonkey-mail is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077004
          • comment seamonkey-mail is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734019
        • AND
          • comment seamonkey-nspr is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077008
          • comment seamonkey-nspr is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734007
        • AND
          • comment seamonkey-nspr-devel is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077020
          • comment seamonkey-nspr-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734009
        • AND
          • comment seamonkey-nss is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077012
          • comment seamonkey-nss is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734015
        • AND
          • comment seamonkey-nss-devel is earlier than 0:1.0.8-0.2.el3
            oval oval:com.redhat.rhsa:tst:20070077006
          • comment seamonkey-nss-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734017
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment devhelp is earlier than 0:0.10-0.7.el4
            oval oval:com.redhat.rhsa:tst:20070077023
          • comment devhelp is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734034
        • AND
          • comment devhelp-devel is earlier than 0:0.10-0.7.el4
            oval oval:com.redhat.rhsa:tst:20070077025
          • comment devhelp-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734036
        • AND
          • comment seamonkey is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077027
          • comment seamonkey is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734003
        • AND
          • comment seamonkey-chat is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077030
          • comment seamonkey-chat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734021
        • AND
          • comment seamonkey-devel is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077028
          • comment seamonkey-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734005
        • AND
          • comment seamonkey-dom-inspector is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077034
          • comment seamonkey-dom-inspector is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734011
        • AND
          • comment seamonkey-js-debugger is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077031
          • comment seamonkey-js-debugger is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734013
        • AND
          • comment seamonkey-mail is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077033
          • comment seamonkey-mail is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734019
        • AND
          • comment seamonkey-nspr is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077035
          • comment seamonkey-nspr is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734007
        • AND
          • comment seamonkey-nspr-devel is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077029
          • comment seamonkey-nspr-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734009
        • AND
          • comment seamonkey-nss is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077036
          • comment seamonkey-nss is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734015
        • AND
          • comment seamonkey-nss-devel is earlier than 0:1.0.8-0.2.el4
            oval oval:com.redhat.rhsa:tst:20070077032
          • comment seamonkey-nss-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060734017
    rhsa
    id RHSA-2007:0077
    released 2007-02-23
    severity Critical
    title RHSA-2007:0077: seamonkey security update (Critical)
  • bugzilla
    id 230542
    title CVE-2007-0775 Multiple Thunderbird flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981, CVE-2007-1092)
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • comment thunderbird is earlier than 0:1.5.0.10-0.1.el4
      oval oval:com.redhat.rhsa:tst:20070078002
    • comment thunderbird is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20060735003
    rhsa
    id RHSA-2007:0078
    released 2007-03-02
    severity Critical
    title RHSA-2007:0078: thunderbird security update (Critical)
  • bugzilla
    id 230562
    title CVE-2007-0775 Multiple Thunderbird flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981, CVE-2007-1282)
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • comment thunderbird is earlier than 0:1.5.0.10-1.el5
      oval oval:com.redhat.rhsa:tst:20070108002
    • comment thunderbird is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhsa:tst:20070108003
    rhsa
    id RHSA-2007:0108
    released 2007-03-13
    severity Critical
    title RHSA-2007:0108: thunderbird security update (Critical)
rpms
  • seamonkey-0:1.0.8-0.2.el3
  • seamonkey-chat-0:1.0.8-0.2.el3
  • seamonkey-devel-0:1.0.8-0.2.el3
  • seamonkey-dom-inspector-0:1.0.8-0.2.el3
  • seamonkey-js-debugger-0:1.0.8-0.2.el3
  • seamonkey-mail-0:1.0.8-0.2.el3
  • seamonkey-nspr-0:1.0.8-0.2.el3
  • seamonkey-nspr-devel-0:1.0.8-0.2.el3
  • seamonkey-nss-0:1.0.8-0.2.el3
  • seamonkey-nss-devel-0:1.0.8-0.2.el3
  • devhelp-0:0.10-0.7.el4
  • devhelp-devel-0:0.10-0.7.el4
  • seamonkey-0:1.0.8-0.2.el4
  • seamonkey-chat-0:1.0.8-0.2.el4
  • seamonkey-devel-0:1.0.8-0.2.el4
  • seamonkey-dom-inspector-0:1.0.8-0.2.el4
  • seamonkey-js-debugger-0:1.0.8-0.2.el4
  • seamonkey-mail-0:1.0.8-0.2.el4
  • seamonkey-nspr-0:1.0.8-0.2.el4
  • seamonkey-nspr-devel-0:1.0.8-0.2.el4
  • seamonkey-nss-0:1.0.8-0.2.el4
  • seamonkey-nss-devel-0:1.0.8-0.2.el4
  • thunderbird-0:1.5.0.10-0.1.el4
  • thunderbird-0:1.5.0.10-1.el5
refmap via4
bid 22845
confirm http://www.mozilla.org/security/announce/2007/mfsa2007-10.html
debian DSA-1336
fedora
  • FEDORA-2007-308
  • FEDORA-2007-309
gentoo GLSA-200703-18
misc https://bugzilla.mozilla.org/show_bug.cgi?id=362735
osvdb 33810
secunia
  • 24406
  • 24456
  • 24457
  • 24522
  • 25588
sgi 20070202-01-P
slackware
  • SSA:2007-066-04
  • SSA:2007-066-05
vupen ADV-2007-0824
xf mozilla-email-messages-overflow(32810)
Last major update 07-03-2011 - 21:51
Published 05-03-2007 - 21:19
Last modified 10-10-2017 - 21:31
Back to Top