SB2017061606 - Arch Linux update for thunderbird
Published: June 16, 2017
Security Bulletin ID
SB2017061606
Severity
High
Patch available
YES
Number of vulnerabilities
19
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 19 secuirty vulnerabilities.
1) Memory corruption (CVE-ID: CVE-2017-5470)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user
Successful exploitation of the vulnerability may result in system compromise.
2) Use-after-free error (CVE-ID: CVE-2017-5472)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free error with the frameloader during tree reconstruction while regenerating CSS layout. A remote attacker can use a node in the tree that no longer exists, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
3) Use-after-free error (CVE-ID: CVE-2017-7749)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free error when using an incorrect URL during the reloading of a docshell. A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
4) Use-after-free error (CVE-ID: CVE-2017-7750)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free error during video control operations when a
<track>
element holds a reference to an older window if that window has been replaced in the DOM. A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.Successful exploitation of the vulnerability may result in system compromise.
5) Use-after-free error (CVE-ID: CVE-2017-7751)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free error with content viewer listeners. A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
6) Use-after-free error (CVE-ID: CVE-2017-7752)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free error during specific user interactions with the input method editor (IME) in some languages due to how events are handled. A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
7) Out-of-bounds read (CVE-ID: CVE-2017-7754)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists due to out-of-bounds read in WebGL. A remote attacker can use a specially crafted
ImageInfo object during WebGL operations and read arbitrary files.Successful exploitation of the vulnerability results in information disclosure.
8) Use-after-free error (CVE-ID: CVE-2017-7756)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free and use-after-scope error when logging errors from headers for XML HTTP Requests (XHR). A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
9) Use-after-free error (CVE-ID: CVE-2017-7757)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use-after-free error in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
10) Out-of-bounds read (CVE-ID: CVE-2017-7758)
The vulnerability allows a remote attacker to obtain potentially sensitive on the target system.The weakness exists due to out-of-bounds read with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. A remote attacker can trigger memory corruption and read arbitrary files on the system.
Successful exploitation of the vulnerability results in information disclosure.
11) Information disclosure (CVE-ID: CVE-2017-7764)
The vulnerability allows a remote attacker to perform spoofing attack.The weakness exists due to mix of characters from the "Canadian Syllabics" unicode block with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form. A remote attacker can use characters confusion to perform domain name spoofing attacks and read arbitrary files.
Successful exploitation of the vulnerability results in information disclosure.
12) Out-of-bounds read (CVE-ID: CVE-2017-7771)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in Graphite 2 library due to out-of-bounds-read. A remote attacker can cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
13) Heap-buffer-overflow write (CVE-ID: CVE-2017-7772)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists in Graphite 2 library due to heap-buffer-overflow write. A remote attacker can execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
14) Heap-buffer-overflow write (CVE-ID: CVE-2017-7773)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists in Graphite 2 library due to heap-buffer-overflow write. A remote attacker can execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
15) Out-of-bounds read (CVE-ID: CVE-2017-7774)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in Graphite 2 library due to out-of-bounds-read. A remote attacker can cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
16) Denial of service (CVE-ID: CVE-2017-7775)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in Graphite 2 library due to an error in 'size() > n'. A remote attacker can cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
17) Heap-buffer-overflow read (CVE-ID: CVE-2017-7776)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in Graphite 2 library due to heap-buffer-overflow read. A remote attacker can cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
18) Denial of service (CVE-ID: CVE-2017-7777)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in Graphite 2 library due to use of uninitialized memory. A remote attacker can cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
19) Out-of-bounds write (CVE-ID: CVE-2017-7778)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists in Graphite 2 library due to out-of-bounds-write. A remote attacker can execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Install update from vendor's website.