Mozilla Thunderbird < 6.0.2 Untrusted CA

Medium Nessus Plugin ID 56122


The remote Windows host contains a mail client that contains support for an untrustworthy certificate authority.


The installed version of Thunderbird is earlier than 6.0.2. Due to a recent attack against certificate authority DigiNotar, Mozilla has added explicit distrust to the DigiNotar root certificate and several intermediates in this version of Thunderbird.

Note this is a further fix to MFSA 2011-34, which removed the DigiNotar root certificate.


Upgrade to Thunderbird 6.0.2 or later.

See Also

Plugin Details

Severity: Medium

ID: 56122

File Name: mozilla_thunderbird_602.nasl

Version: $Revision: 1.4 $

Type: local

Agent: windows

Family: Windows

Published: 2011/09/08

Modified: 2017/06/09

Dependencies: 20862

Risk Information

Risk Factor: Medium


Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: Mozilla/Thunderbird/Version

Patch Publication Date: 2011/09/06

Vulnerability Publication Date: 2011/09/06