Mozilla Thunderbird < 3.0.11 Multiple Vulnerabilities

High Nessus Plugin ID 51122


The remote Windows host contains a mail client that is affected by multiple vulnerabilities.


The installed version of Thunderbird is earlier than 3.0.11. Such versions are potentially affected by multiple vulnerabilities :

- Multiple memory corruption issues could lead to arbitrary code execution. (MFSA 2010-74)
- On the Windows platform, when 'document.write()' is called with a very long string, a buffer overflow could be triggered. (MFSA 2010-75)

- Downloadable fonts could expose vulnerabilities in the underlying OS font code. (MFSA 2010-78)


Upgrade to Thunderbird 3.0.11 or later.

See Also

Plugin Details

Severity: High

ID: 51122

File Name: mozilla_thunderbird_3011.nasl

Version: $Revision: 1.14 $

Type: local

Agent: windows

Family: Windows

Published: 2010/12/10

Modified: 2017/06/09

Dependencies: 20862

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: Mozilla/Thunderbird/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2010/12/09

Vulnerability Publication Date: 2010/12/09

Reference Information

CVE: CVE-2010-3768, CVE-2010-3769, CVE-2010-3776, CVE-2010-3777, CVE-2010-3778

BID: 45344, 45345, 45347, 45348, 45352

OSVDB: 69770, 69771, 69778, 69779, 69780