Mozilla Thunderbird < 31.2 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 8554

Synopsis

The remote host has an email client installed that is vulnerable to multiple attack vectors.

Description

Versions of Mozilla Thunderbird prior to 31.2 are prone to the following vulnerabilities :

- Buffer overflow vulnerability exists when capitalization style changes occur during CSS parsing. (CVE-2014-1576)
- Out-of-bounds read error exists in the Web Audio component when invalid values are used in custom waveforms, which can lead to a denial of service or information disclosure. (CVE-2014-1577)
- Out-of-bounds write error when processing invalid tile sizes in 'WebM' format videos can be leveraged for arbitrary code execution. (CVE-2014-1578)
- Use-after-free error in the 'DirectionalityUtils' component when text direction is used in the text layout can be leveraged for arbitrary code execution. (CVE-2014-1581)
- Multiple security bypass vulnerabilities exist in the implementation of Public Key Pinning (PKP); one issue can be triggered via SPDY's or HTTP/2's connection-coalescing property in the case of a shared IP address, and another issue is exposed by an unspecified issuer-verification error. Both scenarios can be leveraged for man-in-the-middle attacks. Note that key pinning was introduced in Firefox 32. (CVE-2014-1582, CVE-2014-1584)
- Multiple memory safety flaws exist within the browser engine, which can likely be leveraged for denial of service or arbitrary code execution. (CVE-2014-1574, CVE-2014-1575)

Solution

Upgrade to Thunderbird 31.2, or later.

See Also

https://www.mozilla.org/security/announce/2014/mfsa2014-74.html

https://www.mozilla.org/security/announce/2014/mfsa2014-75.html

https://www.mozilla.org/security/announce/2014/mfsa2014-76.html

https://www.mozilla.org/security/announce/2014/mfsa2014-77.html

https://www.mozilla.org/security/announce/2014/mfsa2014-79.html

https://www.mozilla.org/security/announce/2014/mfsa2014-81.html

Plugin Details

Severity: High

ID: 8554

Family: SMTP Clients

Published: 2014/10/17

Modified: 2016/03/17

Dependencies: 5558

Nessus ID: 78474

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Patch Publication Date: 2014/10/14

Vulnerability Publication Date: 2014/10/14

Reference Information

CVE: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1585, CVE-2014-1586

BID: 70425, 70426, 70427, 70428, 70430, 70436, 70439, 70440