Mozilla Thunderbird 3.1.x < 3.1.8 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 801234

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Thunderbird 3.1.x earlier than 3.1.8 are potentially affected by multiple vulnerabilities :

- Multiple memory corruption issues exists which could lead to arbitrary code execution. (MFSA 2011-01)

- An input validation error exists int he class, 'ParanoidFragmentSink', which allows inline JavaScript and 'javascript:' URLs in a chrome document. Note that no unsafe usage occurs in Mozilla products, however community generated extensions could. (MFSA 2011-08)

- A buffer overflow exist related to JPEG decoding and may lead to arbitrary code execution. (MFSA 2011-09)

Solution

Upgrade to Thunderbird 3.1.8 or later.

See Also

archives.neohapsis.com/archives/bugtraq/2010-04/0204.html

http://.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.8

http://.mozilla.org/security/announce/2011/mfsa2011-01.html

http://.mozilla.org/security/announce/2011/mfsa2011-08.html

http://.mozilla.org/security/announce/2011/mfsa2011-09.html

Plugin Details

Severity: High

ID: 801234

File Name: 801234.prm

Family: SMTP Clients

Published: 2011/03/07

Nessus ID: 52532

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2011/03/01

Vulnerability Publication Date: 2010/04/28

Reference Information

CVE: CVE-2010-1585, CVE-2011-0053, CVE-2011-0061, CVE-2011-0062

BID: 46645, 46647, 46651