This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Mac OS X host contains a mail client that is potentially
affected by multiple vulnerabilities.
The installed version of Thunderbird ESR 17.x is prior to 17.0.9 and
is, therefore, potentially affected the following vulnerabilities :
- Memory issues exist in the browser engine that could
allow for denial of service or arbitrary code execution.
- Multiple use-after-free problems exist that could result
in denial of service attacks or arbitrary code
execution. (CVE-2013-1735, CVE-2013-1736)
- A buffer overflow is possible because of an issue with
multi-column layouts. (CVE-2013-1732)
denial of service or arbitrary code execution. Versions
of Firefox 20 or greater are not susceptible to the
arbitrary code execution mentioned above.
compartments could result in denial of service or
possibly arbitrary code execution. (CVE-2013-1725)
- An object is not properly identified during use of
user-defined getter methods on DOM proxies. This could
result in access restrictions being bypassed.
See also :
Upgrade to Thunderbird ESR 17.0.9 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Family: MacOS X Local Security Checks
Nessus Plugin ID: 69990 ()
Bugtraq ID: 6246262463624676246962473624756247862479
CVE ID: CVE-2013-1718CVE-2013-1719CVE-2013-1725CVE-2013-1730CVE-2013-1732CVE-2013-1735CVE-2013-1736CVE-2013-1737
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.