Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mozilla Thunderbird < 24.6 Multiple Vulnerabilities



The remote host has an email client installed that is vulnerable to multiple attack vectors.


Versions of Mozilla Thunderbird prior to 24.6 are unpatched against the following vulnerabilities :

- Use-after-free issue in the SMIL Animation Controller, among other use-after-free and out-of-bounds issues, which may be exploited via web content to induce a potentially exploitable crash. (CVE-2014-1541, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538) - Click-jacking that can be exploited due to cursor invisibility when leaving an embedded flash object (Note, only OS X is affected: CVE-2014-1539) - Other miscellaneous memory safety hazards (CVE-2014-1533, CVE-2014-1534)


Upgrade to Thunderbird 24.6, or later.