This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.
The remote Mac OS X host contains a mail client that is potentially
affected by several vulnerabilities.
The installed version of Thunderbird ESR 17.x is earlier than 17.0.3
and thus, is potentially affected by the following security issues :
- Numerous memory safety errors exist. (CVE-2013-0783)
- An error exists related to Chrome Object Wrappers (COW)
or System Only Wrappers (SOW) that could allow security
- The file system location of the active browser profile
could be disclosed and used in further attacks.
- A use-after-free error exists in the function
- Spoofing HTTPS URLs is possible due to an error related
to proxy '407' responses and embedded script code.
- A heap-based use-after-free error exists in the function
- A heap-based buffer overflow error exists in the
See also :
Upgrade to Thunderbird ESR 17.0.3 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 64721 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now