Mozilla Thunderbird < 2.0.0.9 Multiple Vulnerabilities

This script is Copyright (C) 2007-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a mail client that is affected by
multiple vulnerabilities.

Description :

The remote version of Mozilla Thunderbird is affected by some memory
corruption issues that could result in remote code execution if
JavaScript is enabled when viewing specially crafted messages.

See also :

https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/
https://www.mozilla.org/en-US/security/advisories/mfsa2007-36/

Solution :

Upgrade to Mozilla Thunderbird 2.0.0.9 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 28226 ()

Bugtraq ID: 26132

CVE ID: CVE-2007-4841
CVE-2007-5339
CVE-2007-5340

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now