Mozilla Thunderbird 3.1 < 3.1.12 Multiple Vulnerabilities

Critical Nessus Plugin ID 55886

Synopsis

The remote Windows host contains a mail client may be affected by multiple vulnerabilities.

Description

The installed version of Thunderbird 3.1 is earlier than 3.1.12. As such, it is potentially affected by the following security issues :

- Several memory safety bugs exist in the browser engine that may permit remote code execution. (CVE-2011-2982)

- A dangling pointer vulnerability exists in an SVG text manipulation routine. (CVE-2011-0084)

- A dangling pointer vulnerability exists in appendChild, which did not correctly account for DOM objects it operated upon. (CVE-2011-2378)

- A privilege escalation vulnerability in the event management code could permit JavaScript to be run in the wrong context. (CVE-2011-2981)

- A privilege escalation vulnerability exists if a web page registered for drop events and a browser tab element was dropped into the content area. (CVE-2011-2984)

- A binary planting vulnerability in ThinkPadSensor::Startup could permit loading a malicious DLL into the running process. (CVE-2011-2980)

- A data leakage vulnerability triggered when RegExp.input was set could allow data from other domains to be read.
(CVE-2011-2983)

Solution

Upgrade to Thunderbird 3.1.12 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2011-32/

Plugin Details

Severity: Critical

ID: 55886

File Name: mozilla_thunderbird_3112.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 2011/08/17

Modified: 2018/07/17

Dependencies: 20862

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: Mozilla/Thunderbird/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/08/16

Vulnerability Publication Date: 2011/08/16

Exploitable With

ExploitHub (EH-11-772)

Reference Information

CVE: CVE-2011-0084, CVE-2011-2378, CVE-2011-2980, CVE-2011-2981, CVE-2011-2982, CVE-2011-2983, CVE-2011-2984

BID: 49213, 49214, 49216, 49217, 49218, 49219, 49223