Mozilla Thunderbird < 31.2 Multiple Vulnerabilities

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a mail client that is affected by
multiple vulnerabilities.

Description :

The version of Thunderbird installed on the remote host is a version
prior to 31.2. It is, therefore, affected by the following
vulnerabilities :

- Multiple memory safety flaws exist within the browser
engine. Exploiting these, an attacker can cause a denial
of service or execute arbitrary code. (CVE-2014-1574,
CVE-2014-1575)

- A buffer overflow vulnerability exists when
capitalization style changes occur during CSS parsing.
(CVE-2014-1576)

- An out-of-bounds read error exists in the Web Audio
component when invalid values are used in custom
waveforms that leads to a denial of service or
information disclosure. (CVE-2014-1577)

- An out-of-bounds write error exists when processing
invalid tile sizes in 'WebM' format videos that result
in arbitrary code execution. (CVE-2014-1578)

- A use-after-free error exists in the
'DirectionalityUtils' component when text direction is
used in the text layout that results in arbitrary
code execution. (CVE-2014-1581)

- Multiple issues exist in WebRTC when the session is
running within an 'iframe' element that will allow the
session to be accessible even when sharing is stopped
and when returning to the website. This could lead to
video inadvertently being shared. (CVE-2014-1585,
CVE-2014-1586)

See also :

https://www.mozilla.org/security/announce/2014/mfsa2014-74.html
https://www.mozilla.org/security/announce/2014/mfsa2014-75.html
https://www.mozilla.org/security/announce/2014/mfsa2014-76.html
https://www.mozilla.org/security/announce/2014/mfsa2014-77.html
https://www.mozilla.org/security/announce/2014/mfsa2014-79.html
https://www.mozilla.org/security/announce/2014/mfsa2014-81.html

Solution :

Upgrade to Thunderbird 31.2 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now