Thunderbird ESR 17.x < 17.0.3 Multiple Vulnerabilities (Mac OS X)
Critical Nessus Plugin ID 64721
The remote Mac OS X host contains a mail client that is potentially affected by several vulnerabilities.
The installed version of Thunderbird ESR 17.x is earlier than 17.0.3 and thus, is potentially affected by the following security issues : - Numerous memory safety errors exist. (CVE-2013-0783) - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773) - The file system location of the active browser profile could be disclosed and used in further attacks. (CVE-2013-0774) - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775) - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code. (CVE-2013-0776) - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780) - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'. (CVE-2013-0782)