Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mozilla Thunderbird 3.1.x < 3.1.10 Multiple Vulnerabilities

High

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Thunderbird 3.1.x earlier than 3.1.10 are potentially affected by multiple vulnerabilities :

- Multiple memory corruption issues could lead to arbitrary code execution. (MFSA2011-12)

- The 'resource:' protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. (MFSA2011-16)

Solution

Upgrade to Thunderbird 3.1.10 or later.