| Description: | Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: The execution of arbitrary code might be possible via a crafted PNG file that triggers a free of an uninitialised pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. (MFSA 2009-10) It is possible to execute arbitrary code via vectors related to the layout engine. (MFSA 2009-01) It is possible to execute arbitrary code via vectors related to the JavaScript engine. (MFSA 2009-01) Bjoern Hoehrmann and Moxie Marlinspike discovered a possible spoofing attack via Unicode box drawing characters in internationalised domain names. (MFSA 2009-15) Memory corruption and assertion failures have been discovered in the layout engine, leading to the possible execution of arbitrary code. (MFSA 2009-07) The layout engine allows the execution of arbitrary code in vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection. (MFSA 2009-07) The JavaScript engine is prone to the execution of arbitrary code via several vectors. (MFSA 2009-07) The layout engine allows the execution of arbitrary code via vectors related to gczeal. (MFSA 2009-07) Georgi Guninski discovered that it is possible to obtain xml data via an issue related to the nsIRDFService. (MFSA 2009-09) The browser engine is prone to a possible memory corruption via several vectors. (MFSA 2009-14) The browser engine is prone to a possible memory corruption via the nsSVGElement::BindToTree function. (MFSA 2009-14) Gregory Fleischer discovered that it is possible to bypass the Same Origin Policy when opening a Flash file via the view-source: scheme. (MFSA 2009-17) The possible arbitrary execution of code was discovered via vectors involving "double frame construction." (MFSA 2009-24) Several issues were discovered in the browser engine as used by icedove, which could lead to the possible execution of arbitrary code. (MFSA 2009-24) Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential man-in-the-middle attack, when using a proxy due to insufficient checks on a certain proxy response. (MFSA 2009-27) moz_bug_r_a4 discovered that it is possible to execute arbitrary JavaScript with chrome privileges due to an error in the garbage collection implementation. (MFSA 2009-29) moz_bug_r_a4 reported that it is possible for scripts from page content to run with elevated privileges and thus potentially executing arbitrary code with the object's chrome privileges. (MFSA 2009-32) Bernd Jendrissek discovered a potentially exploitable crash when viewing a multipart/alternative mail message with a text/enhanced part. (MFSA 2009-33) |