SB2024100153 - SUSE update for MozillaThunderbird 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024100153

SB2024100153 - SUSE update for MozillaThunderbird

Published: October 1, 2024 Updated: February 7, 2025

Security Bulletin ID SB2024100153
Severity
High
Patch available
YES
Number of vulnerabilities 32
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 44% Medium 25% Low 31%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 32 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2024-6600)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebGL API. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Note, the vulnerability affects Firefox installations on macOS only.


2) Race condition (CVE-ID: CVE-2024-6601)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a race condition in permission assignment. A remote attacker can trick the victim to visit a specially crafted website, bypass cross-origin container obtaining permissions of the top-level origin and gain access to sensitive information.


3) Buffer overflow (CVE-ID: CVE-2024-6602)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in NSS. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Buffer overflow (CVE-ID: CVE-2024-6603)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in thread creation. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and crash the browser.


5) Buffer overflow (CVE-ID: CVE-2024-6604)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Out-of-bounds read (CVE-ID: CVE-2024-6606)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in clipboard component. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.


7) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2024-6607)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the way the browsers handles escape button and pointerlock. It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a <select> element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions.


8) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2024-6608)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when handling cursor and pointerlock. It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window.


9) Double free (CVE-ID: CVE-2024-6609)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in NSS. A remote attacker can force the browser to free an elliptic curve key which was never allocated and crash the browser.


10) Unimplemented or Unsupported Feature in UI (CVE-ID: CVE-2024-6610)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error in form validation popups. A remote attacker can spam form validation messages to prevent users from exiting full-screen mode.


11) Information disclosure (CVE-ID: CVE-2024-6611)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to SameSite=Strict or Lax cookies could be sent to a nested iframe. A remote attacker can gain access to potentially sensitive information.


12) Security features bypass (CVE-ID: CVE-2024-6612)

The vulnerability allows a remote attacker to bypass CSP protection mechanism.

The vulnerability exists due to CSP violation leakage when using devtools. CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened.


13) Infinite loop (CVE-ID: CVE-2024-6613)

The vulnerability allows a remote attacker to alter trace data,

The vulnerability exists due to infinite loop. The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces.


14) Infinite loop (CVE-ID: CVE-2024-6614)

The vulnerability allows a remote attacker to alter trace data.

The vulnerability exists due to infinite loop. The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces.


15) Buffer overflow (CVE-ID: CVE-2024-6615)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


16) Multiple Interpretations of UI Input (CVE-ID: CVE-2024-7518)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exist due to improper input interpretation in UI when handling select options. A remote attacler can obscure the fullscreen notification dialog by document content and perform spoofing attack.


17) Out-of-bounds read (CVE-ID: CVE-2024-7519)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary error when processing graphics shared memory. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read and bypass browser sandbox.


18) Type Confusion (CVE-ID: CVE-2024-7520)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error in WebAssembly. A remote attacker can trick the victim to visit a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


19) Use-after-free (CVE-ID: CVE-2024-7521)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in WebAssembly. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


20) Out-of-bounds read (CVE-ID: CVE-2024-7522)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary error in editor component. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read and bypass browser sandbox.


21) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-7525)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due missing permission check when creating a StreamFilter. A web extension with minimal permissions can create a StreamFilter, which can be used to read and modify the response body of requests on any site.


22) Use of uninitialized resource (CVE-ID: CVE-2024-7526)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to usage of uninitialized resources in WebGL ANGLE. A remote attacker can trick the victim to visit a specially crafted website and gain access to sensitive information.


23) Use-after-free (CVE-ID: CVE-2024-7527)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in JavaScript garbage collection. A remote attacker can trick the victim into visiting a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


24) Use-after-free (CVE-ID: CVE-2024-7528)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IndexedDB. A remote attacker can trick the victim into visiting a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


25) Multiple Interpretations of UI Input (CVE-ID: CVE-2024-7529)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exist due to improper handling of the date picker, which can obscure security prompts. A remote attacker use a malicious site to trick a victim into granting permissions.


26) Type Confusion (CVE-ID: CVE-2024-8381)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error when looking up a property name in a "with" block. A remote attacker can trick the victim into visiting a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


27) Exposed dangerous method or function (CVE-ID: CVE-2024-8382)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to internal browser event interfaces are exposed to web content when privileged EventHandler listener callbacks ran for those events. A remote attacker can indicate usage of certain browser features, such as when a user opens the Dev Tools console.


28) Buffer overflow (CVE-ID: CVE-2024-8384)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in JavaScript garbage collector when HTML content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


29) Type Confusion (CVE-ID: CVE-2024-8385)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error when handling StructFields and ArrayTypes in WASM. A remote attacker can trick the victim into visiting a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


30) Improper Restriction of Rendered UI Layers or Frames (CVE-ID: CVE-2024-8386)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when displaying SelectElements popup if a site had been granted the permission to open popup windows. A remote attacker can perform spoofing attack.


31) Buffer overflow (CVE-ID: CVE-2024-8387)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


32) Use-after-free (CVE-ID: CVE-2024-8394)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when aborting verification of an OTR chat session. A remote attacker can crash the application.


Remediation

Install update from vendor's website.

References