Vulnerabilities > CVE-2019-11704 - Out-of-bounds Write vulnerability in Mozilla Thunderbird

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mozilla
CWE-787
nessus
exploit available

Summary

A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.

Vulnerable Configurations

Part Description Count
Application
Mozilla
363

Common Weakness Enumeration (CWE)

Exploit-Db

idEDB-ID:47002
last seen2019-06-17
modified2019-06-17
published2019-06-17
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/47002
titleThunderbird ESR &lt; 60.7.XXX - &#039;icalmemorystrdupanddequote&#039; Heap-Based Buffer Overflow

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201908-20.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201908-20 (Mozilla Thunderbird: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id127969
    published2019-08-20
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127969
    titleGLSA-201908-20 : Mozilla Thunderbird: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201908-20.
    #
    # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127969);
      script_version("1.2");
      script_cvs_date("Date: 2019/09/24 11:01:33");
    
      script_cve_id("CVE-2019-11703", "CVE-2019-11704", "CVE-2019-11705", "CVE-2019-11706", "CVE-2019-11709", "CVE-2019-11711", "CVE-2019-11712", "CVE-2019-11713", "CVE-2019-11715", "CVE-2019-11717", "CVE-2019-11719", "CVE-2019-11729", "CVE-2019-11730", "CVE-2019-9811");
      script_xref(name:"GLSA", value:"201908-20");
    
      script_name(english:"GLSA-201908-20 : Mozilla Thunderbird: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201908-20
    (Mozilla Thunderbird: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
          Please review the CVE identifiers referenced below for details.
      
    Impact :
    
        Please review the referenced CVE identifiers for details.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201908-20"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Mozilla Thunderbird users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-60.8.0'
        All Mozilla Thunderbird binary users should upgrade to the latest
          version:
          # emerge --sync
          # emerge --ask --oneshot --verbose
          '>=mail-client/thunderbird-bin-60.8.0'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:thunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:thunderbird-bin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"mail-client/thunderbird-bin", unaffected:make_list("ge 60.8.0"), vulnerable:make_list("lt 60.8.0"))) flag++;
    if (qpkg_check(package:"mail-client/thunderbird", unaffected:make_list("ge 60.8.0"), vulnerable:make_list("lt 60.8.0"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mozilla Thunderbird");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4028-1.NASL
    descriptionMultiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126099
    published2019-06-21
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126099
    titleUbuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : thunderbird vulnerabilities (USN-4028-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-4028-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126099);
      script_version("1.5");
      script_cvs_date("Date: 2019/09/18 12:31:49");
    
      script_cve_id("CVE-2019-11703", "CVE-2019-11704", "CVE-2019-11705", "CVE-2019-11706");
      script_xref(name:"USN", value:"4028-1");
    
      script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : thunderbird vulnerabilities (USN-4028-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple memory safety issues were discovered in Thunderbird. If a
    user were tricked in to opening a specially crafted message, an
    attacker could potentially exploit these to cause a denial of service,
    or execute arbitrary code.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/4028-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected thunderbird package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:thunderbird");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/06/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(16\.04|18\.04|18\.10|19\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10 / 19.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"16.04", pkgname:"thunderbird", pkgver:"1:60.7.1+build1-0ubuntu0.16.04.1")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"thunderbird", pkgver:"1:60.7.1+build1-0ubuntu0.18.04.1")) flag++;
    if (ubuntu_check(osver:"18.10", pkgname:"thunderbird", pkgver:"1:60.7.1+build1-0ubuntu0.18.10.1")) flag++;
    if (ubuntu_check(osver:"19.04", pkgname:"thunderbird", pkgver:"1:60.7.1+build1-0ubuntu0.19.04.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_98F1241F8C094237AD0D67FB4158EA7A.NASL
    descriptionMozilla Foundation reports : CVE-2019-11703: Heap buffer overflow in icalparser.c A flaw in Thunderbird
    last seen2020-06-01
    modified2020-06-02
    plugin id126139
    published2019-06-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126139
    titleFreeBSD : Mozilla -- multiple vulnerabilities (98f1241f-8c09-4237-ad0d-67fb4158ea7a)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1820.NASL
    descriptionMultiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id125956
    published2019-06-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125956
    titleDebian DLA-1820-1 : thunderbird security update
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-164-01.NASL
    descriptionNew mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id125917
    published2019-06-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125917
    titleSlackware 14.2 / current : mozilla-thunderbird (SSA:2019-164-01)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1626.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-06-28
    plugin id126321
    published2019-06-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126321
    titleRHEL 7 : thunderbird (RHSA-2019:1626)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1624.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-06-28
    plugin id126320
    published2019-06-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126320
    titleRHEL 6 : thunderbird (RHSA-2019:1624)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190627_THUNDERBIRD_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - Mozilla: Type confusion in Array.pop (CVE-2019-11707) - thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) - Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) - thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) - thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) - thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706)
    last seen2020-05-31
    modified2019-07-01
    plugin id126366
    published2019-07-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126366
    titleScientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190627)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0163_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird
    last seen2020-06-01
    modified2020-06-02
    plugin id127447
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127447
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0163)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1250.NASL
    descriptionlibical: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) libical: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) libical: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) libical: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) Mozilla: Type confusion in Array.pop (CVE-2019-11707)
    last seen2020-05-31
    modified2019-07-24
    plugin id126962
    published2019-07-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126962
    titleAmazon Linux 2 : thunderbird (ALAS-2019-1250)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1623.NASL
    descriptionFrom Red Hat Security Advisory 2019:1623 : An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-08-12
    plugin id127595
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127595
    titleOracle Linux 8 : thunderbird (ELSA-2019-1623)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4464.NASL
    descriptionMultiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.
    last seen2020-06-01
    modified2020-06-02
    plugin id125930
    published2019-06-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125930
    titleDebian DSA-4464-1 : thunderbird - security update
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0178_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.06, has thunderbird packages installed that are affected by multiple vulnerabilities: - Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (CVE-2019-5798) - Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1. (CVE-2018-18511) - Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66. (CVE-2019-9797) - A flaw in Thunderbird
    last seen2020-06-01
    modified2020-06-02
    plugin id128698
    published2019-09-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128698
    titleNewStart CGSL MAIN 4.06 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0178)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1606.NASL
    descriptionThis update for MozillaThunderbird fixes the following issues : Security issues fixed : - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote() (bsc#1137595). - CVE-2019-11704: Fixed a heap-based buffer overflow in parser_get_next_char() (bsc#1137595). - CVE-2019-11705: Fixed a stack-based buffer overflow in icalrecur_add_bydayrules() (bsc#1137595). - CVE-2019-11706: Fixed a type confusion in icaltimezone_get_vtimezone_properties() (bsc#1137595). - CVE-2019-11707: Fixed a type confusion in Array.pop (bsc#1138872). - CVE-2019-11708: Fixed a sandbox escape using Prompt:Open (bsc#1138872). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id126231
    published2019-06-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126231
    titleopenSUSE Security Update : MozillaThunderbird (openSUSE-2019-1606)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1583.NASL
    descriptionThis update for MozillaThunderbird fixes the following security issues : - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote() (bsc#1137595). - CVE-2019-11704: Fixed a heap-based buffer overflow in parser_get_next_char() (bsc#1137595). - CVE-2019-11705: Fixed a stack-based buffer overflow in icalrecur_add_bydayrules() (bsc#1137595). - CVE-2019-11706: Fixed a type confusion in icaltimezone_get_vtimezone_properties() (bsc#1137595). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id126043
    published2019-06-19
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126043
    titleopenSUSE Security Update : MozillaThunderbird (openSUSE-2019-1583)
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_60_7_1.NASL
    descriptionThe version of Thunderbird installed on the remote Windows host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird
    last seen2020-06-01
    modified2020-06-02
    plugin id125950
    published2019-06-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125950
    titleMozilla Thunderbird < 60.7.1
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0022_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user
    last seen2020-03-18
    modified2020-03-11
    plugin id134410
    published2020-03-11
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134410
    titleNewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0022)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_THUNDERBIRD_60_7_1.NASL
    descriptionThe version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird
    last seen2020-06-01
    modified2020-06-02
    plugin id125949
    published2019-06-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125949
    titleMozilla Thunderbird < 60.7.1
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-1624.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-07-02
    plugin id126388
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126388
    titleCentOS 6 : thunderbird (CESA-2019:1624)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1624.NASL
    descriptionFrom Red Hat Security Advisory 2019:1624 : An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-06-28
    plugin id126317
    published2019-06-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126317
    titleOracle Linux 6 : thunderbird (ELSA-2019-1624)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1577.NASL
    descriptionThis update for MozillaThunderbird fixes the following issues : Mozilla Thunderbird was updated to 60.7.1 : Security issues fixed with MFSA 2019-17 (boo#1137595) - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote() (bsc#1137595). - CVE-2019-11704: Fixed a heap-based buffer overflow in parser_get_next_char() (bsc#1137595). - CVE-2019-11705: Fixed a stack-based buffer overflow in icalrecur_add_bydayrules() (bsc#1137595). - CVE-2019-11706: Fixed a type confusion in icaltimezone_get_vtimezone_properties() (bsc#1137595). Also fixed : - No prompt for smartcard PIN when S/MIME signing is used
    last seen2020-06-01
    modified2020-06-02
    plugin id126038
    published2019-06-19
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126038
    titleopenSUSE Security Update : MozillaThunderbird (openSUSE-2019-1577)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0160_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird
    last seen2020-06-01
    modified2020-06-02
    plugin id127441
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127441
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0160)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190627_THUNDERBIRD_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - Mozilla: Type confusion in Array.pop (CVE-2019-11707) - thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) - Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) - thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) - thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) - thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706)
    last seen2020-05-31
    modified2019-07-02
    plugin id126435
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126435
    titleScientific Linux Security Update : thunderbird on SL7.x x86_64 (20190627)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1626.NASL
    descriptionFrom Red Hat Security Advisory 2019:1626 : An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-06-28
    plugin id126318
    published2019-06-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126318
    titleOracle Linux 7 : thunderbird (ELSA-2019-1626)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1623.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-06-28
    plugin id126319
    published2019-06-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126319
    titleRHEL 8 : thunderbird (RHSA-2019:1623)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-1626.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fix(es) : * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-07-02
    plugin id126389
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126389
    titleCentOS 7 : thunderbird (CESA-2019:1626)

Redhat

rpms
  • thunderbird-0:60.7.2-2.el8_0
  • thunderbird-debuginfo-0:60.7.2-2.el8_0
  • thunderbird-debugsource-0:60.7.2-2.el8_0
  • thunderbird-0:60.7.2-2.el6_10
  • thunderbird-debuginfo-0:60.7.2-2.el6_10
  • thunderbird-0:60.7.2-2.el7_6
  • thunderbird-debuginfo-0:60.7.2-2.el7_6