08 Oct 2018

Mozilla has patched numerous security vulnerabilities with the release of Thunderbird version 60.2.1. There was a total of seven vulnerabilities and one of them were considered as Critical as it was related to memory corruption and if exploited it could potentially lead to remote code execution. The remaining vulnerabilities were labelled as 2 high, 3 moderate, and 1 as low.

CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 labelled as critical

Some of them showed proof of memory corruption and with some struggle they could be exploited to run arbitrary code.

CVE-2018-12377: Use-after-free in refresh driver timers labelled as high

A use-after-free vulnerability can occur when refresh driver timers are refreshed in certain circumstances during shutdown when the timer is deleted while still in use and this could result in an exploitable crash.

CVE-2018-12378: Use-after-free in IndexedDB labelled as high

A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored and this could result in a potentially exploitable crash.

The vulnerabilities labelled as moderate include

CVE-2018-12379: Out-of-bounds write with malicious MAR file

CVE-2017-16541: Proxy bypass using automount and autofs

CVE-2018-12385: Crash in TransportSecurityInfo due to cached data

These bugs resulted in crashing of the Thunderbird and the bug which was rated as low is dubbed as “CVE-2018-12383”. After the Firefox 58, when a master password is set, it does not delete unencrypted previously stored passwords and a copy of these are easily accessible. The new master password is added only on the new file. As per the security advisory, this CVE-2018-12383 vulnerability permits the users an easy access to unencrypted passwords.

Mozilla Thunderbird users are highly recommended to upgrade to the latest version.

Technical Writer,  Blogger,

Leave your thought

This site uses Akismet to reduce spam. Learn how your comment data is processed.