Mozilla Thunderbird 3.1.x < 3.1.14 Untrusted CA

Medium Nessus Plugin ID 56121


The remote Windows host contains a mail client that contains support for an untrustworthy certificate authority.


The installed version of Thunderbird 3.1.x is earlier than 3.1.14. Due to a recent attack against certificate authority DigiNotar, Mozilla has added explicit distrust to the DigiNotar root certificate and several intermediates in this version of Thunderbird.

Note this is a further fix to MFSA 2011-34, which removed the DigiNotar root certificate.


Upgrade to Thunderbird 3.1.14 or later.

See Also

Plugin Details

Severity: Medium

ID: 56121

File Name: mozilla_thunderbird_3114.nasl

Version: $Revision: 1.4 $

Type: local

Agent: windows

Family: Windows

Published: 2011/09/08

Modified: 2017/06/09

Dependencies: 20862

Risk Information

Risk Factor: Medium


Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: Mozilla/Thunderbird/Version

Patch Publication Date: 2011/09/06

Vulnerability Publication Date: 2011/09/06