Test ID:	1.3.6.1.4.1.25623.1.0.71199
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2012:0388
Summary:	Redhat Security Advisory RHSA-2012:0388
Description:	The remote host is missing updates announced in advisory RHSA-2012:0388. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0461, CVE-2012-0462, CVE-2012-0464) Two flaws were found in the way Thunderbird parsed certain Scalable Vector Graphics (SVG) image files. An HTML mail message containing a malicious SVG image file could cause an information leak, or cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0456, CVE-2012-0457) A flaw could allow malicious content to bypass intended restrictions, possibly leading to a cross-site scripting (XSS) attack if a user were tricked into dropping a javascript: link onto a frame. (CVE-2012-0455) It was found that the home page could be set to a javascript: link. If a user were tricked into setting such a home page by dragging a link to the home button, it could cause Firefox to repeatedly crash, eventually leading to arbitrary code execution with the privileges of the user running Firefox. A similar flaw was found and fixed in Thunderbird. (CVE-2012-0458) A flaw was found in the way Thunderbird parsed certain, remote content containing cssText. Malicious, remote content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0459) It was found that by using the DOM fullscreen API, untrusted content could bypass the mozRequestFullscreen security protections. Malicious content could exploit this API flaw to cause user interface spoofing. (CVE-2012-0460) A flaw was found in the way Thunderbird handled content with multiple Content Security Policy (CSP) headers. This could lead to a cross-site scripting attack if used in conjunction with a website that has a header injection flaw. (CVE-2012-0451) Note: All issues except CVE-2012-0456 and CVE-2012-0457 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 10.0.3 ESR, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2012-0388.html Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0451 SuSE Security Announcement: openSUSE-SU-2012:0417 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html http://www.ubuntu.com/usn/USN-1400-3 http://www.ubuntu.com/usn/USN-1400-4 http://www.ubuntu.com/usn/USN-1400-5 http://www.ubuntu.com/usn/USN-1400-2 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14909 http://secunia.com/advisories/48629 http://secunia.com/advisories/48513 http://secunia.com/advisories/48496 http://secunia.com/advisories/48553 http://secunia.com/advisories/48561 http://secunia.com/advisories/49055 Common Vulnerability Exposure (CVE) ID: CVE-2012-0455 Debian Security Information: DSA-2433 (Google Search) http://www.debian.org/security/2012/dsa-2433 http://www.ubuntu.com/usn/USN-1401-1 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14829 http://secunia.com/advisories/48495 http://secunia.com/advisories/48624 Common Vulnerability Exposure (CVE) ID: CVE-2012-0456 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15007 Common Vulnerability Exposure (CVE) ID: CVE-2012-0457 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14775 Common Vulnerability Exposure (CVE) ID: CVE-2012-0458 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15122 Common Vulnerability Exposure (CVE) ID: CVE-2012-0459 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15066 Common Vulnerability Exposure (CVE) ID: CVE-2012-0460 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15114 Common Vulnerability Exposure (CVE) ID: CVE-2012-0461 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15009 Common Vulnerability Exposure (CVE) ID: CVE-2012-0462 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15012 Common Vulnerability Exposure (CVE) ID: CVE-2012-0464 http://pwn2own.zerodayinitiative.com/status.html http://www.zdnet.com/blog/security/mozilla-knew-of-pwn2own-bug-before-cansecwest/10757 http://www.zdnet.com/blog/security/researchers-hack-into-newest-firefox-with-zero-day-flaw/10663 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14170
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: