Ubuntu Security Notice 1050-1 - Multiple vulnerabilities have been addressed in the thunderbird package. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript execution in chrome documents. A malicious extension could exploit this to execute arbitrary code with chrome privileges. Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program.
8836e577ee50f8d9c44c673cd6c2023b5e0e25863e404007a67ab72883b61ce8