This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.
The remote Windows host contains a mail client that is affected by
The installed version of Thunderbird is earlier than 3.0.5. Such
versions are potentially affected by the following security issues :
- A memory corruption vulnerability can lead to arbitrary
code execution if garbage collection is carefully timed
after DOM nodes are moved between documents.
- Multiple crashes can result in arbitrary code
execution. (MFSA 2010-26)
- An error in 'nsGenericDOMDataNode' allows a buffer
overflow in certain DOM nodes leading to arbitrary code
execution. (MFSA 2010-29)
- An error in a XSLT node sorting function contains an
integer overflow leading to application crashes and
possible arbitrary code execution. (MFSA 2010-30)
See also :
Upgrade to Thunderbird 3.0.5 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true