The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5345-1 advisory.

  - If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an     element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have     run despite the iframe's sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox     ESR < 91.6. (CVE-2022-22759)

  - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-     bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.
    (CVE-2022-0566)

  - If a user installed an extension of a particular type, the extension could have auto-updated itself and     while doing so, bypass the prompt which grants the new version the new requested permissions. This     vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. (CVE-2022-22754)

  - If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object     could have been changed into an executable script which would have run arbitrary code after the user     clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
    (CVE-2022-22756)

  - When importing resources using Web Workers, error messages would distinguish the difference between     <code>application/javascript</code> responses and non-script responses. This could have been abused to     learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox     ESR < 91.6. (CVE-2022-22760)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 18.04 LTS / 20.04 LTS : Thunderbird vulnerabilities (USN-5345-1)

critical Nessus Plugin ID 159189

Version 1.10

Version 1.9

Version 1.8

Version 1.7

Version 1.6

Version 1.10 Oct 16, 2023, 7:25 PM Detection Plugin metadata Plugin Feed: 202310161925
Version 1.9 Jul 13, 2023, 1:59 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2022-22759" to "CVE-2022-26384") CVSSv3 score source (set to "CVE-2022-26384") Detection Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202307130159
Version 1.8 Mar 21, 2023, 7:30 PM Plugin metadata Plugin Feed: 202303211930
Version 1.7 Jan 18, 2023, 9:01 AM Logic Changes (Added support for s390x) Plugin Feed: 202301180901
Version 1.6 Dec 30, 2022, 4:05 PM CVSS metrics ("CVSSv2 score" changed from "4.4" to "10.0") CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSS metrics ("CVSSv3 score" changed from "7.3" to "9.6") CVSS metrics ("CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H") CVSSv2 score source (changed from "CVE-2022-26387" to "CVE-2022-22759") CVSSv2 severity (based on CVE-2022-22759, severity increased from "Medium" to "High") CVSSv3 score source (set to "CVE-2022-22759") Plugin Feed: 202212301605