Mozilla Thunderbird < 60.3 Multiple Vulnerabilities (macOS)

High Nessus Plugin ID 118592

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Mozilla Thunderbird installed on the remote macOS host is prior to 60.3. It is, therefore, affected by multiple vulnerabilities as noted in Mozilla Thunderbird stable channel update release notes for 2018/10/31. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self- reported version number.

Solution

Upgrade to Mozilla Thunderbird version 60.3 or later.

See Also

http://www.nessus.org/u?614520ad

http://www.nessus.org/u?99f950cc

http://www.nessus.org/u?ec6f6183

http://www.nessus.org/u?a30fef4e

http://www.nessus.org/u?75a288c2

http://www.nessus.org/u?56a8a5aa

http://www.nessus.org/u?10a58f5f

http://www.nessus.org/u?56bedc2c

http://www.nessus.org/u?2fa35353

http://www.nessus.org/u?6af37c5b

http://www.nessus.org/u?55d351a5

http://www.nessus.org/u?82482803

http://www.nessus.org/u?a6a9565b

http://www.nessus.org/u?5daf782e

http://www.nessus.org/u?166aa054

http://www.nessus.org/u?a933cb35

http://www.nessus.org/u?39935a02

http://www.nessus.org/u?c5b58d2f

http://www.nessus.org/u?f6925998

http://www.nessus.org/u?a31d3226

http://www.nessus.org/u?f93877a1

http://www.nessus.org/u?b3a7cc16

http://www.nessus.org/u?ef389f56

http://www.nessus.org/u?82d76ead

http://www.nessus.org/u?902c50a9

Plugin Details

Severity: High

ID: 118592

File Name: macosx_thunderbird_60_3.nasl

Version: 1.1

Type: local

Agent: macosx

Published: 2018/11/01

Modified: 2018/11/01

Dependencies: 56557

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2018-12390

CVSS v2.0

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: MacOSX/Thunderbird/Installed

Patch Publication Date: 2018/10/31

Vulnerability Publication Date: 2018/10/31

Reference Information

CVE: CVE-2018-12389, CVE-2018-12390, CVE-2018-12391, CVE-2018-12392, CVE-2018-12393