Mozilla Thunderbird 3.1.x < 3.1.14 Untrusted CA
Medium Nessus Plugin ID 56121
SynopsisThe remote Windows host contains a mail client that contains support for an untrustworthy certificate authority.
DescriptionThe installed version of Thunderbird 3.1.x is earlier than 3.1.14. Due to a recent attack against certificate authority DigiNotar, Mozilla has added explicit distrust to the DigiNotar root certificate and several intermediates in this version of Thunderbird.
Note this is a further fix to MFSA 2011-34, which removed the DigiNotar root certificate.
SolutionUpgrade to Thunderbird 3.1.14 or later.