A new version of the open-source Mozilla Thunderbird mail client has been released to fix at least six security vulnerabilities that could expose users to PC takeover attacks. The most serious of the six vulnerabilities, a “critical” heap buffer overflow in external MIME bodies, could allow an attacker to execute arbitrary code with the privileges of the current user.
“When calculating the number of bytes to allocate for a heap buffer, sufficient space is not reserved for all of the data being copied into the buffer. This results in up to three bytes of the buffer being overflowed, potentially allowing for the execution of arbitrary code,” according to an alert from iDefense, the company that reported the flaw to Mozilla.
Exploitation requires that an attacker social engineer a user into viewing a malicious message in Thunderbird. If the “View->Message Pane” option is turned on (in the “Preview” pane), which is the default, then all a targeted user has to do is select the message in the browsing pane. Once the message is previewed, the vulnerability will be triggered, iDefense warned. The flaw affects both Linux and Windows users.
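An added illustration of the bug class the iDefense alert describes, not Thunderbird's code: a buffer sized from the field lengths alone comes up three bytes short once two separators and the terminating NUL are written. The three-field join, the function names and the sample values are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Flawed sizing (hypothetical): counts only the field text, so the two
 * separators and the terminating NUL have no space reserved. */
static size_t size_flawed(const char *a, const char *b, const char *c) {
    return strlen(a) + strlen(b) + strlen(c);
}

/* Correct sizing: field text + 2 separators + NUL.
 * Returns 0 if the sum would wrap around size_t. */
static size_t size_correct(const char *a, const char *b, const char *c) {
    size_t parts[3] = { strlen(a), strlen(b), strlen(c) };
    size_t total = 3; /* 2 separators + 1 terminator */
    for (int i = 0; i < 3; i++) {
        if (parts[i] > SIZE_MAX - total) return 0;
        total += parts[i];
    }
    return total;
}

/* Bytes the flawed sizing leaves unreserved for the same copy. */
static size_t shortfall(const char *a, const char *b, const char *c) {
    return size_correct(a, b, c) - size_flawed(a, b, c);
}

/* Hardened join: allocate the full size and let snprintf enforce the
 * bound instead of trusting the arithmetic. Caller frees the result. */
static char *join_fields(const char *a, const char *b, const char *c) {
    size_t cap = size_correct(a, b, c);
    if (cap == 0) return NULL;
    char *out = malloc(cap);
    if (out == NULL) return NULL;
    int n = snprintf(out, cap, "%s:%s:%s", a, b, c);
    if (n < 0 || (size_t)n >= cap) { free(out); return NULL; }
    return out;
}

int main(void) {
    /* Constructed sample fields, not taken from a real message. */
    const char *a = "type", *b = "name", *c = "site";
    char *s = join_fields(a, b, c);
    if (s == NULL) return 1;
    printf("joined=%s needed=%zu flawed=%zu shortfall=%zu\n",
           s, size_correct(a, b, c), size_flawed(a, b, c), shortfall(a, b, c));
    free(s);
    return 0;
}
```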