This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The remote Windows host contains a mail client that is affected by
The installed version of Thunderbird is affected by various security
- Several stability bugs exist leading to crashes which, in
some cases, show traces of memory corruption.
- Several issues exist that allow scripts from page
content to escape from their sandboxed context and/or
run with chrome privileges, resulting in privilege
escalation, cross-site scripting, and/or remote code
- A directory traversal vulnerability exist via the
- A heap-based buffer overflow exists that can be
triggered when viewing an email with an external MIME
- Multiple cross-site scripting vulnerabilities
exist related to character encoding.
See also :
Upgrade to Mozilla Thunderbird 188.8.131.52 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Nessus Plugin ID: 31193 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now