MGASA-2012-0120
Date: June 19th, 2012
Affected releases: 1, 2
Description:
Updated mozilla-thunderbird packages fix security vulnerabilities:

Heap-based buffer overflow in the utf16_to_isolatin1 function in
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5,
Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and
SeaMonkey before 2.10 allows remote attackers to execute arbitrary
code via vectors that trigger a character-set conversion failure
(CVE-2012-1947).

Use-after-free vulnerability in the nsFrameList::FirstChild function
in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5,
Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and
SeaMonkey before 2.10 allows remote attackers to execute arbitrary code
or cause a denial of service (heap memory corruption and application
crash) by changing the size of a container of absolutely positioned
elements in a column (CVE-2012-1940).

Heap-based buffer overflow in the
nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla
Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird
5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey
before 2.10 allows remote attackers to execute arbitrary code by
resizing a window displaying absolutely positioned and relatively
positioned elements in nested columns (CVE-2012-1941).

Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore
function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before
10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before
10.0.5, and SeaMonkey before 2.10 might allow remote attackers to
execute arbitrary code via document changes involving replacement or
insertion of a node (CVE-2012-1946).

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5,
Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5,
and SeaMonkey before 2.10 allow local users to obtain sensitive
information via an HTML document that loads a shortcut (aka .lnk)
file for display within an IFRAME element, as demonstrated by a
network share implemented by (1) Microsoft Windows or (2) Samba
(CVE-2012-1945).

The Content Security Policy (CSP) implementation in Mozilla Firefox
4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0
through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey
before 2.10 does not block inline event handlers, which makes it
easier for remote attackers to conduct cross-site scripting (XSS)
attacks via a crafted HTML document (CVE-2012-1944).

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before
2.10 allow remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary
code via vectors related to (1) methodjit/ImmutableSync.cpp, (2)
the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp,
and unknown other components (CVE-2012-1938).

jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird
ESR 10.x before 10.0.5 does not properly determine data types,
which allows remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code
via crafted JavaScript code (CVE-2012-1939).

Multiple unspecified vulnerabilities in the browser engine in
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5,
Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5,
and SeaMonkey before 2.10 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors (CVE-2012-1937).
Updated Packages:
Mageia 1:
mozilla-thunderbird-10.0.5-1.mga1
mozilla-thunderbird-ar-10.0.5-1.mga1
mozilla-thunderbird-be-10.0.5-1.mga1
mozilla-thunderbird-bg-10.0.5-1.mga1
mozilla-thunderbird-bn_BD-10.0.5-1.mga1
mozilla-thunderbird-br-10.0.5-1.mga1
mozilla-thunderbird-ca-10.0.5-1.mga1
mozilla-thunderbird-cs-10.0.5-1.mga1
mozilla-thunderbird-da-10.0.5-1.mga1
mozilla-thunderbird-de-10.0.5-1.mga1
mozilla-thunderbird-el-10.0.5-1.mga1
mozilla-thunderbird-en_GB-10.0.5-1.mga1
mozilla-thunderbird-enigmail-10.0.5-1.mga1
mozilla-thunderbird-enigmail-ar-10.0.5-1.mga1
mozilla-thunderbird-enigmail-ca-10.0.5-1.mga1
mozilla-thunderbird-enigmail-cs-10.0.5-1.mga1
mozilla-thunderbird-enigmail-de-10.0.5-1.mga1
mozilla-thunderbird-enigmail-el-10.0.5-1.mga1
mozilla-thunderbird-enigmail-es-10.0.5-1.mga1
mozilla-thunderbird-enigmail-fi-10.0.5-1.mga1
mozilla-thunderbird-enigmail-fr-10.0.5-1.mga1
mozilla-thunderbird-enigmail-it-10.0.5-1.mga1
mozilla-thunderbird-enigmail-ja-10.0.5-1.mga1
mozilla-thunderbird-enigmail-ko-10.0.5-1.mga1
mozilla-thunderbird-enigmail-nb-10.0.5-1.mga1
mozilla-thunderbird-enigmail-nl-10.0.5-1.mga1
mozilla-thunderbird-enigmail-pl-10.0.5-1.mga1
mozilla-thunderbird-enigmail-pt-10.0.5-1.mga1
mozilla-thunderbird-enigmail-pt_BR-10.0.5-1.mga1
mozilla-thunderbird-enigmail-ru-10.0.5-1.mga1
mozilla-thunderbird-enigmail-sl-10.0.5-1.mga1
mozilla-thunderbird-enigmail-sv-10.0.5-1.mga1
mozilla-thunderbird-enigmail-tr-10.0.5-1.mga1
mozilla-thunderbird-enigmail-vi-10.0.5-1.mga1
mozilla-thunderbird-enigmail-zh_CN-10.0.5-1.mga1
mozilla-thunderbird-enigmail-zh_TW-10.0.5-1.mga1
mozilla-thunderbird-es_AR-10.0.5-1.mga1
mozilla-thunderbird-es_ES-10.0.5-1.mga1
mozilla-thunderbird-et-10.0.5-1.mga1
mozilla-thunderbird-eu-10.0.5-1.mga1
mozilla-thunderbird-fi-10.0.5-1.mga1
mozilla-thunderbird-fr-10.0.5-1.mga1
mozilla-thunderbird-fy-10.0.5-1.mga1
mozilla-thunderbird-ga-10.0.5-1.mga1
mozilla-thunderbird-gd-10.0.5-1.mga1
mozilla-thunderbird-gl-10.0.5-1.mga1
mozilla-thunderbird-he-10.0.5-1.mga1
mozilla-thunderbird-hu-10.0.5-1.mga1
mozilla-thunderbird-id-10.0.5-1.mga1
mozilla-thunderbird-is-10.0.5-1.mga1
mozilla-thunderbird-it-10.0.5-1.mga1
mozilla-thunderbird-ja-10.0.5-1.mga1
mozilla-thunderbird-ko-10.0.5-1.mga1
mozilla-thunderbird-lt-10.0.5-1.mga1
mozilla-thunderbird-nb_NO-10.0.5-1.mga1
mozilla-thunderbird-nl-10.0.5-1.mga1
mozilla-thunderbird-nn_NO-10.0.5-1.mga1
mozilla-thunderbird-pl-10.0.5-1.mga1
mozilla-thunderbird-pt_BR-10.0.5-1.mga1
mozilla-thunderbird-pt_PT-10.0.5-1.mga1
mozilla-thunderbird-ro-10.0.5-1.mga1
mozilla-thunderbird-ru-10.0.5-1.mga1
mozilla-thunderbird-si-10.0.5-1.mga1
mozilla-thunderbird-sk-10.0.5-1.mga1
mozilla-thunderbird-sl-10.0.5-1.mga1
mozilla-thunderbird-sq-10.0.5-1.mga1
mozilla-thunderbird-sv_SE-10.0.5-1.mga1
mozilla-thunderbird-ta_LK-10.0.5-1.mga1
mozilla-thunderbird-tr-10.0.5-1.mga1
mozilla-thunderbird-uk-10.0.5-1.mga1
mozilla-thunderbird-vi-10.0.5-1.mga1
mozilla-thunderbird-zh_CN-10.0.5-1.mga1
mozilla-thunderbird-zh_TW-10.0.5-1.mga1
Mageia 2:
thunderbird-10.0.5-1.mga2
thunderbird-ar-10.0.5-1.mga2
thunderbird-ast-10.0.5-1.mga2
thunderbird-be-10.0.5-1.mga2
thunderbird-bg-10.0.5-1.mga2
thunderbird-bn_BD-10.0.5-1.mga2
thunderbird-br-10.0.5-1.mga2
thunderbird-ca-10.0.5-1.mga2
thunderbird-cs-10.0.5-1.mga2
thunderbird-da-10.0.5-1.mga2
thunderbird-de-10.0.5-1.mga2
thunderbird-el-10.0.5-1.mga2
thunderbird-en_GB-10.0.5-1.mga2
thunderbird-enigmail-10.0.5-1.mga2
thunderbird-es_AR-10.0.5-1.mga2
thunderbird-es_ES-10.0.5-1.mga2
thunderbird-et-10.0.5-1.mga2
thunderbird-eu-10.0.5-1.mga2
thunderbird-fi-10.0.5-1.mga2
thunderbird-fr-10.0.5-1.mga2
thunderbird-fy-10.0.5-1.mga2
thunderbird-ga-10.0.5-1.mga2
thunderbird-gd-10.0.5-1.mga2
thunderbird-gl-10.0.5-1.mga2
thunderbird-he-10.0.5-1.mga2
thunderbird-hu-10.0.5-1.mga2
thunderbird-id-10.0.5-1.mga2
thunderbird-is-10.0.5-1.mga2
thunderbird-it-10.0.5-1.mga2
thunderbird-ja-10.0.5-1.mga2
thunderbird-ko-10.0.5-1.mga2
thunderbird-lt-10.0.5-1.mga2
thunderbird-nb_NO-10.0.5-1.mga2
thunderbird-nl-10.0.5-1.mga2
thunderbird-nn_NO-10.0.5-1.mga2
thunderbird-pa_IN-10.0.5-1.mga2
thunderbird-pl-10.0.5-1.mga2
thunderbird-pt_BR-10.0.5-1.mga2
thunderbird-pt_PT-10.0.5-1.mga2
thunderbird-ro-10.0.5-1.mga2
thunderbird-ru-10.0.5-1.mga2
thunderbird-si-10.0.5-1.mga2
thunderbird-sk-10.0.5-1.mga2
thunderbird-sl-10.0.5-1.mga2
thunderbird-sq-10.0.5-1.mga2
thunderbird-sv_SE-10.0.5-1.mga2
thunderbird-ta_LK-10.0.5-1.mga2
thunderbird-tr-10.0.5-1.mga2
thunderbird-uk-10.0.5-1.mga2
thunderbird-vi-10.0.5-1.mga2
thunderbird-zh_CN-10.0.5-1.mga2
thunderbird-zh_TW-10.0.5-1.mga2
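
To check a host against the package lists above, the following added example (not part of the Mageia advisory) compares installed name-version-release strings with the fixed builds named here. The function names, the simplified RPM version comparison (no epoch, tilde or caret handling) and the sample `rpm` output are assumptions made for illustration.

```python
import re

# Fixed version/release per base package, from the advisory's package lists.
FIXED = {
    "mozilla-thunderbird": ("10.0.5", "1.mga1"),  # Mageia 1
    "thunderbird": ("10.0.5", "1.mga2"),          # Mageia 2
}

# Constructed sample of `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'` output.
SAMPLE = """\
mozilla-thunderbird-10.0.4-1.mga1
mozilla-thunderbird-enigmail-de-10.0.4-1.mga1
thunderbird-10.0.5-1.mga2
thunderbird-fr-10.0.5-1.mga2
bash-4.2-1.mga2
"""

def rpm_vercmp(a, b):
    """Simplified rpmvercmp (no epoch, tilde or caret handling): -1, 0 or 1."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments win

def needs_update(nvr):
    """True/False for packages covered by the advisory, None for anything else."""
    name, version, release = nvr.rsplit("-", 2)  # name itself may contain dashes
    for base, (fixed_ver, fixed_rel) in FIXED.items():
        # Assumption: subpackages (locales, enigmail) share the base name prefix.
        if name == base or name.startswith(base + "-"):
            cmp = rpm_vercmp(version, fixed_ver) or rpm_vercmp(release, fixed_rel)
            return cmp < 0
    return None

def audit(rpm_output):
    """Return the installed packages that are older than the fixed build."""
    return [l for l in rpm_output.split() if needs_update(l)]

if __name__ == "__main__":
    for pkg in audit(SAMPLE):
        print("needs update:", pkg)
```
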
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1944
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1946
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1947
http://www.mozilla.org/security/announce/2012/mfsa2012-34.html
http://www.mozilla.org/security/announce/2012/mfsa2012-36.html
http://www.mozilla.org/security/announce/2012/mfsa2012-37.html
http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
https://bugs.mageia.org/show_bug.cgi?id=6390