run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Thunderbird | Mozilla | 1.5.0.9 (including) | 1.5.0.9 (including) |
| Firefox | Ubuntu | dapper | * |
| Firefox | Ubuntu | devel | * |
| Firefox | Ubuntu | edgy | * |
| Firefox | Ubuntu | feisty | * |
| Firefox-granparadiso | Ubuntu | devel | * |
| Lightning-sunbird | Ubuntu | devel | * |
| Midbrowser | Ubuntu | devel | * |
| Mozilla-thunderbird | Ubuntu | dapper | * |
| Mozilla-thunderbird | Ubuntu | edgy | * |
| Mozilla-thunderbird | Ubuntu | feisty | * |
| Xulrunner | Ubuntu | devel | * |
| Xulrunner | Ubuntu | edgy | * |
| Xulrunner | Ubuntu | feisty | * |
References
- http://secunia.com/advisories/19863
- http://secunia.com/advisories/19941
- http://www.debian.org/security/2006/dsa-1046
- http://www.debian.org/security/2006/dsa-1051
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:173
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
- http://www.securityfocus.com/bid/14443
- https://usn.ubuntu.com/157-1/
- http://secunia.com/advisories/19863
- http://secunia.com/advisories/19941
- http://www.debian.org/security/2006/dsa-1046
- http://www.debian.org/security/2006/dsa-1051
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:173
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
- http://www.securityfocus.com/bid/14443
- https://usn.ubuntu.com/157-1/