Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0043 Mozilla Foundation Security Advisory 2019-03 30 January 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Mozilla Thunderbird Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Increased Privileges -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-18505 CVE-2018-18501 CVE-2018-18500 CVE-2016-5824 Member content until: Friday, March 1 2019 Reference: ASB-2019.0042 OVERVIEW A vulnerability has been identified in Mozilla Thunderbird prior to version 60.5. [1] IMPACT Mozilla has given the following information regarding these vulnerabilities: "CVE-2016-5824: DoS (use-after-free) via a crafted ics file Reporter Brandon Perry Impact low Description A vulnerability in the Libical libary used by Thunderbird can allow remote attackers to cause a denial of service (use-after-free) via a crafted ICS calendar file." [1] "CVE-2018-18500: Use-after-free parsing HTML5 stream Reporter Yaniv Frank with SophosLabs Impact critical Description A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash." [1] "CVE-2018-18501: Memory safety bugs fixed in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5 Reporter Mozilla developers and community Impact critical Description Mozilla developers and community members Alex Gaynor, Christoph Diehl, Steven Crane, Jason Kratzer, Gary Kwong, and Christian Holler reported memory safety bugs present in Firefox 64, Firefox ESR 60.4, and Thunderbird 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code." [1] "CVE-2018-18505: Privilege escalation through IPC channel messages Reporter Jed Davis Impact high Description An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process." [1] MITIGATION Mozilla recommends upgrading Thunderbird to the latest version - Thunderbird 60.5. [1] REFERENCES [1] Security vulnerabilities fixed in Thunderbird 60.5 https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/ AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXFDyv2aOgq3Tt24GAQiCEA//Qlkbgs6I6yq3b11XCjWfW08sKI3r5P40 ncdns7+9BDDomAEfJoQmTMw/0qUwDkc0ONCuduyKUth7N4jMJM42V8GKiltdFElH kMoAtNE0Pw9UtnveGyfwxqde5KxSdlMBpyX5ZGuQ8VnX8YbU0zEIZlHWQngcvSZK KUfvZ3PZwjYZsAGpSV/laqXG4db5O6fN3ybaAPoiZzq1GtWcUy2Rf0CRxF0FZxLv ImjZW7q6kkTWOZdTf1xufIPPkwSh/FXdEbFkq7J6WAXFRRwH8XmVrGHEKzXElgGr Tp0Ay1LCiWHUoRGYJhrzHmpu3NbrdwM1jHTevjbDLdYeyFOfo6F9pMmrFaHE5cx7 +fazn8kZj1JXKkbXkjGtjb/sWkTMgeetxz25SyjRxO4n5thAs2hd6b5nh1phrH7x jiCFPsaH+oqIOGdb8qda/fn60E68cgzyEkwwDxX+lXIY+V5HUUmYbVqUnzWP9trF fs+Byc3CFKFohMjAk6NaA9ve2xM7lwNsk1v7VFiRQ8JQdjMkVlHkr+wxW4+ado/C 4brs3/+p5oKaAVCBPuulzeDQc2+672ddLjbKhWEOSDyQf3K6q3R9q6ZjikWRykJq wHUTA9njrN5cwKvH+zFcubcxRHjFSaIRk8Q2Igur+VoB+Ui1jpUSzX1zDYPpXVrn zKLR3EVo1Zs= =pbV5 -----END PGP SIGNATURE-----