This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Mac OS X host contains a mail client that is potentially
affected by several vulnerabilities.
The installed version of Thunderbird ESR 17.x is earlier than 17.0.3
and thus, is potentially affected by the following security issues :
- Numerous memory safety errors exist. (CVE-2013-0783)
- An error exists related to Chrome Object Wrappers (COW)
or System Only Wrappers (SOW) that could allow security
- The file system location of the active browser profile
could be disclosed and used in further attacks.
- A use-after-free error exists in the function
- Spoofing HTTPS URLs is possible due to an error related
to proxy '407' responses and embedded script code.
- A heap-based use-after-free error exists in the function
- A heap-based buffer overflow error exists in the
See also :
Upgrade to Thunderbird ESR 17.0.3 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Family: MacOS X Local Security Checks
Nessus Plugin ID: 64721 ()
Bugtraq ID: 58037580385804158042580435804458047
CVE ID: CVE-2013-0773CVE-2013-0774CVE-2013-0775CVE-2013-0776CVE-2013-0780CVE-2013-0782CVE-2013-0783
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.