Thunderbird 10.x < 10.0.1 Memory Corruption (Mac OS X)
High Nessus Plugin ID 58071
SynopsisThe remote Mac OS X host contains an email client that is potentially affected by a memory corruption vulnerability.
DescriptionThe installed version of Thunderbird 10.x is earlier than 10.0.1 and is, therefore, potentially affected by a memory corruption vulnerability.
A use-after-free error exists in the method 'nsXBLDocumentInfo::ReadPrototypeBindings' and XBL bindings are not properly removed from a hash table in the event of failure. Clean-up processes may then attempt to use this data and cause application crashes. These application crashes are potentially exploitable.
SolutionUpgrade to Thunderbird 10.0.1 or later.