Bug 883322 - Medium integrity DLL Hijacking - Thunderbird and SeaMonkey Full installer
Status: RESOLVED FIXED
Keywords: csectype-priv-escalation, sec-moderate
Product: MailNews Core
Classification: Components
Component: Build Config
Version: unspecified
Platform: x86_64 Windows 7
Importance: -- normal
Target Milestone: Thunderbird 24.0
Assigned To: Robert Strong [:rstrong] (use needinfo to contact me)
Depends on: CVE-2012-4206 811557 CVE-2013-1715

Reported: 2013-06-14 12:36 PDT by Justin Wood (:Callek)
Modified: 2016-06-04 12:43 PDT

Attachments
patch rev1 - updated SeaMonkey and Thunderbird 7zSD.sfx (160.44 KB, patch)
2013-06-14 13:48 PDT, Robert Strong [:rstrong] (use needinfo to contact me)
bugspam.Callek: review+
standard8: approval‑comm‑aurora+

Description Justin Wood (:Callek) 2013-06-14 12:36:58 PDT
+++ This bug was initially created as a clone of Bug #883165 +++

+++ This bug was initially created as a clone of Bug #811557 which was initially created as a clone of Bug #792106 +++

Specifically (from bug 811557 comment #42)
Windows 8 x64:
C:\Windows\SysWOW64\oleacc.dll <- CMD.EXE was launched in MEDIUM integrity

Windows XP Pro SP2 x64:
C:\WINDOWS\SysWOW64\apphelp.dll <- Several CMD.EXE were launched (not sure what integrity level)

Full results are being added here as we test:
https://intranet.mozilla.org/User:Ahughes@mozilla.com/DLL_Hijacking
Comment 1 Robert Strong [:rstrong] (use needinfo to contact me) 2013-06-14 13:48:00 PDT
Created attachment 762891
patch rev1 - updated SeaMonkey and Thunderbird 7zSD.sfx
Comment 2 Justin Wood (:Callek) 2013-06-14 13:53:29 PDT
Comment on attachment 762891
patch rev1 - updated SeaMonkey and Thunderbird 7zSD.sfx

Review of attachment 762891:
-----------------------------------------------------------------

I don't know a good way to verify the binary, but memory serves that we just use(d) the Firefox-created binary with no issues, so r+ based on that understanding.
Comment 3 Robert Strong [:rstrong] (use needinfo to contact me) 2013-06-14 13:59:59 PDT
Pushed to comm-central
https://hg.mozilla.org/comm-central/rev/dfe341a46e21

This should probably be pushed to other branches as well when bug 883165 is pushed to other branches, though I'd prefer to not shepherd it to those branches.
Comment 4 Frank Wein [:mcsmurf] 2013-06-15 08:43:46 PDT
Thanks for the patch, looks good :)
Comment 5 Justin Wood (:Callek) 2013-06-18 19:46:30 PDT
Comment on attachment 762891
patch rev1 - updated SeaMonkey and Thunderbird 7zSD.sfx

I can't officially mark this component approval+ but approval+=me for landing on comm-aurora
Comment 6 Mark Banner (:standard8, limited time in Dec) 2013-06-19 02:25:19 PDT
https://hg.mozilla.org/releases/comm-aurora/rev/717c4e2c623c
