Mozilla Thunderbird 24.x < 24.8 Multiple Vulnerabilities (Mac OS X)
Critical Nessus Plugin ID 77496
SynopsisThe remote Mac OS X host contains a mail client that is affected by multiple vulnerabilities.
DescriptionThe version of Thunderbird 24.x installed on the remote Mac OS X host is a version prior to 24.8. It is, therefore, affected by the following vulnerabilities :
- Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary code. (CVE-2014-1562)
- A use-after-free vulnerability exists due to improper handling of text layout in directionality resolution.
A remote attacker can exploit this to execute arbitrary code. (CVE-2014-1567)
SolutionUpgrade to Thunderbird 24.8 or later.