This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.
The remote Windows host contains a mail client that is affected by a
buffer overflow vulnerability.
The installed version of Thunderbird is earlier than 3.0.10. Such
versions are potentially affected by a heap-based buffer overflow
function 'document.write()' exposes an error that can lead to a
heap-based buffer overflow.
Note that reading email does not expose this vulnerability, however
the vulnerability can be triggered when viewing RSS feeds while
Also, note that there have been reports that this issue is being
actively exploited in the wild.
See also :
Upgrade to Thunderbird 3.0.10 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true