+++ This bug was initially created as a clone of Bug #214445 +++

The Mozilla project is releasing Thunderbird 1.5.0.8 to fix a number of security flaws (Text taken from the upstream advisories):

mfsa2006-66
CVE-2006-5462 impact=important,reported=20061107,public=20061107,source=mozilla
MFSA 2006-60 reported that RSA digital signatures with a low exponent (typically 3) could be forged, and that this flaw was corrected in the Mozilla Network Security Services (NSS) library version 3.11.3 used by Firefox 2.0 and current development versions of Mozilla clients. Ulrich Kuehn reported that Firefox 1.5.0.7, which incorporated NSS version 3.10.2, was incompletely patched and remained vulnerable to a variant of this attack.

mfsa2006-67
CVE-2006-5463 impact=moderate,reported=20061107,public=20061107,source=mozilla
shutdown demonstrated that it was possible to modify a Script object while it was executing, potentially leading to the execution of arbitrary JavaScript bytecode.

mfsa2006-65
As part of the Firefox 1.5.0.8 release we fixed several bugs to improve the stability of the product. Some of these were crashes that showed evidence of memory corruption and we presume that at least some of these could be exploited to run arbitrary code with enough effort.

CVE-2006-5464 impact=critical,reported=20061107,public=20061107,source=mozilla
Jesse Ruderman and Martijn Wargers reported crashes in the layout engine

CVE-2006-5747 impact=moderate,reported=20061107,public=20061107,source=mozilla
shutdown demonstrated that a crash in XML.prototype.hasOwnProperty was exploitable

CVE-2006-5748 impact=moderate,reported=20061107,public=20061107,source=mozilla
Igor Bukanov and Jesse Ruderman reported potential memory corruption in the JavaScript engine

removing embargo, now public at http://www.mozilla.org/security/announce/

An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0735.html