Thunderbird 3.1 < 3.1.16 Multiple Vulnerabilities (Mac OS X)

High Nessus Plugin ID 56757

Synopsis

The remote Mac OS X host contains an email client that is potentially affected by multiple vulnerabilities.

Description

The installed version of Thunderbird 3.1 is earlier than 3.1.16. Such versions are potentially affected by the following security issues :

- There is an error within the JSSubScriptLoader that incorrectly unwraps 'XPCNativeWrappers'. By tricking a user into installing a malicious plug-in, an attacker could exploit this issue to execute arbitrary code.
(CVE-2011-3647)

- Certain invalid sequences are not handled properly in 'Shift-JIS' encoding, which can allow cross-site scripting attacks. (CVE-2011-3648)

- Profiling JavaScript files with many functions can cause the application to crash. It may be possible to trigger this behavior even when the debugging APIs are not being used. (CVE-2011-3650)

Solution

Upgrade to Thunderbird 3.1.16 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2011-46/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-47/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-49/

Plugin Details

Severity: High

ID: 56757

File Name: macosx_thunderbird_3_1_16.nasl

Version: 1.9

Type: local

Agent: macosx

Published: 2011/11/09

Updated: 2018/07/14

Dependencies: 56557

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: MacOSX/Thunderbird/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/11/08

Vulnerability Publication Date: 2011/11/08

Reference Information

CVE: CVE-2011-3647, CVE-2011-3648, CVE-2011-3650

BID: 50589, 50593, 50595

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990