Thunderbird < 17.0.3 Multiple Vulnerabilities (Mac OS X)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mac OS X host contains a mail client that is potentially
affected by several vulnerabilities.

Description :

The installed version of Thunderbird is earlier than 17.0.3 and is
thus potentially affected by the following security issues :

- Numerous memory safety errors exist. (CVE-2013-0783,
CVE-2013-0784)

- An out-of-bounds read error exists related to the
handling of GIF images. (CVE-2013-0772)

- An error exists related to 'WebIDL' object wrapping
that has an unspecified impact. (CVE-2013-0765)

- An error exists related to Chrome Object Wrappers (COW)
or System Only Wrappers (SOW) that could allow security
bypass. (CVE-2013-0773)

- The file system location of the active browser profile
could be disclosed and used in further attacks.
(CVE-2013-0774)

- A use-after-free error exists in the function
'nsImageLoadingContent'. (CVE-2013-0775)

- Spoofing HTTPS URLs is possible due to an error related
to proxy '407' responses and embedded script code.
(CVE-2013-0776)

- A heap-based use-after-free error exists in the function
'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)

- An out-of-bounds read error exists in the function
'ClusterIterator::NextCluster'. (CVE-2013-0778)

- An out-of-bounds read error exists in the function
'nsCodingStateMachine::NextState'. (CVE-2013-0779)

- A heap-based use-after-free error exists in the function
'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)

- A heap-based use-after-free error exists in the function
'nsPrintEngine::CommonPrint'. (CVE-2013-0781)

- A heap-based buffer overflow error exists in the
function 'nsSaveAsCharset::DoCharsetConversion'.
(CVE-2013-0782)

See also :

http://www.mozilla.org/security/announce/2013/mfsa2013-21.html
http://www.mozilla.org/security/announce/2013/mfsa2013-22.html
http://www.mozilla.org/security/announce/2013/mfsa2013-23.html
http://www.mozilla.org/security/announce/2013/mfsa2013-24.html
http://www.mozilla.org/security/announce/2013/mfsa2013-25.html
http://www.mozilla.org/security/announce/2013/mfsa2013-26.html
http://www.mozilla.org/security/announce/2013/mfsa2013-27.html
http://www.mozilla.org/security/announce/2013/mfsa2013-28.html

Solution :

Upgrade to Thunderbird 17.0.3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false