Detections
Analytics
Mozilla Thunderbird 6 Multiple Vulnerabilities
high Log Correlation Engine Plugin ID 801344
Synopsis
The remote host has a web browser installed that is vulnerable to multiple attack vectors.Description
Thunderbird 6.0 is potentially affected by multiple vulnerabilities :- If an attacker could trick a user into holding down the 'Enter' key, via a malicious game, for example, a malicious application or extension could be downloaded or executed. (CVE-2011-2372, CVE-2011-3001)
- Unspecified errors exist that can be exploited to corrupt memory. No additional information is avialable at this time. (CVE-2011-2995, CVE-2011-2997)
- A weakness exists when handling the 'Location' header. This can lead to response splitting attacks when visiting a vulnerable web server. The same fix has been applied to the headers 'Content-Length' and 'Content-Disposition. (CVE-2011-3000)
- A use-after-free error exists when parsing OGG headers. (CVE-2011-3005)
- There is an unspecified error within the YARR regular expression library that can be exploited to corrupt memory. (CVE-2011-3232)
Solution
Upgrade to Thunderbird 7.0 or later.See Also
http://.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7
http://.mozilla.org/security/announce/2011/mfsa2011-36.html
http://.mozilla.org/security/announce/2011/mfsa2011-39.html
http://.mozilla.org/security/announce/2011/mfsa2011-40.html
Plugin Details
Severity: High
ID: 801344
Family: SMTP Clients
Published: 9/29/2011
Nessus ID: 56336
Risk Information
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
Patch Publication Date: 9/27/2011
Vulnerability Publication Date: 9/27/2011
Reference Information
CVE: CVE-2011-2372, CVE-2011-2995, CVE-2011-2997, CVE-2011-3000, CVE-2011-3001, CVE-2011-3005, CVE-2011-3232