This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Mac OS X host contains a mail client that is potentially
affected by several vulnerabilities.
The installed version of Thunderbird is earlier than 16.0.1 and is
therefore potentially affected by the following security issues :
- An unspecified error related to the WebSockets
implementation and the function
'mozilla::net::FailDelayManager::Lookup' can allow
application crashes and potentially, arbitrary code
- An unspecified error exists that can allow attackers to
bypass the 'Same Origin Policy' and access the
'Location' object. (CVE-2012-4192)
- An error exists related to 'security wrappers' and the
function 'defaultValue()' that can allow cross-site
scripting attacks. (CVE-2012-4193)
See also :
Upgrade to Thunderbird 16.0.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Family: MacOS X Local Security Checks
Nessus Plugin ID: 62587 ()
Bugtraq ID: 561535615456155
CVE ID: CVE-2012-4191CVE-2012-4192CVE-2012-4193
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.