usn-2428-1
Vulnerability from osv_ubuntu
Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, and Max Jonas Werner discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1587)
Joe Vennix discovered a crash when using XMLHttpRequest in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service. (CVE-2014-1590)
Berend-Jan Wever discovered a use-after-free during HTML parsing. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1592)
Abhishek Arya discovered a buffer overflow when parsing media content. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1593)
Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the compositor. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause undefined behaviour, a denial of service via application crash or execute abitrary code with the privileges of the user invoking Thunderbird. (CVE-2014-1594)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2014-1587",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1590",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1592",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1593",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2014-1594",
"severity": [
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "thunderbird",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-globalmenu",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-gnome-support",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-mozsymbols",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-testsuite",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-calendar-timezones",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-gdata-provider",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-lightning",
"binary_version": "1:31.3.0+build1-0ubuntu0.14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "thunderbird",
"purl": "pkg:deb/ubuntu/thunderbird@1:31.3.0+build1-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:31.3.0+build1-0ubuntu0.14.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:24.0+build1-0ubuntu1",
"1:24.0+build1-0ubuntu2",
"1:24.1.1+build1-0ubuntu0.13.10.1",
"1:24.1.1+build1-0ubuntu1",
"1:24.2.0+build1-0ubuntu1",
"1:24.4.0+build1-0ubuntu1",
"1:24.5.0+build1-0ubuntu0.14.04.1",
"1:24.6.0+build1-0ubuntu0.14.04.1",
"1:31.0+build1-0ubuntu0.14.04.1",
"1:31.1.1+build1-0ubuntu0.14.04.1",
"1:31.1.2+build1-0ubuntu0.14.04.1",
"1:31.2.0+build2-0ubuntu0.14.04.1"
]
}
],
"aliases": [],
"details": "Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, and Max Jonas\nWerner discovered multiple memory safety issues in Thunderbird. If a user\nwere tricked in to opening a specially crafted message with scripting\nenabled, an attacker could potentially exploit these to cause a denial of\nservice via application crash, or execute arbitrary code with the\nprivileges of the user invoking Thunderbird. (CVE-2014-1587)\n\nJoe Vennix discovered a crash when using XMLHttpRequest in some\ncircumstances. If a user were tricked in to opening a specially crafted\nmessage with scripting enabled, an attacker could potentially exploit this\nto cause a denial of service. (CVE-2014-1590)\n\nBerend-Jan Wever discovered a use-after-free during HTML parsing. If a\nuser were tricked in to opening a specially crafted message with scripting\nenabled, an attacker could potentially exploit this to cause a denial of\nservice via application crash or execute arbitrary code with the\nprivileges of the user invoking Thunderbird. (CVE-2014-1592)\n\nAbhishek Arya discovered a buffer overflow when parsing media content. If\na user were tricked in to opening a specially crafted message with\nscripting enabled, an attacker could potentially exploit this to cause a\ndenial of service via application crash or execute arbitrary code with the\nprivileges of the user invoking Thunderbird. (CVE-2014-1593)\n\nByoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the\ncompositor. If a user were tricked in to opening a specially crafted\nmessage, an attacker could potentially exploit this to cause undefined\nbehaviour, a denial of service via application crash or execute abitrary\ncode with the privileges of the user invoking Thunderbird. (CVE-2014-1594)\n",
"id": "USN-2428-1",
"modified": "2026-04-22T07:36:32Z",
"published": "2014-12-03T15:57:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2428-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1587"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1590"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1592"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1593"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2014-1594"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "thunderbird vulnerabilities",
"upstream": [
"UBUNTU-CVE-2014-1587",
"UBUNTU-CVE-2014-1590",
"UBUNTU-CVE-2014-1592",
"UBUNTU-CVE-2014-1593",
"UBUNTU-CVE-2014-1594"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.