Tenable4964.PRMMozilla Thunderbird < 2.0.0.21 Multiple Vulnerabilities
Versions of Mozilla Thunderbird prior to 2.0.0.21 are affected by the following vulnerabilities :
- There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2009-01)
- By exploiting stability bugs in the browser engine, it might be possible for an attacker to execute arbitrary code on the remote system under certain conditions. (MFSA 2009-07)
- It may be possible for a website to read arbitrary XML data from another domain by using nsIRDFService and a cross-domain redirect. (MFSA 2009-09)
- Vulnerabilities in the PNG libraries used by Mozilla could be exploited to execute arbitrary code on the remote system. (MFSA 2009-10)
Binary data 4964.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | thunderbird | cpe:/a:mozilla:thunderbird |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0353
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0354
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0355
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0356
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0357
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0358
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0771
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0775
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0777
www.mozilla.com/en-US/thunderbird/2.0.0.21/releasenotes
www.mozilla.org/security/announce/2009/mfsa2009-01.html
www.mozilla.org/security/announce/2009/mfsa2009-07.html
www.mozilla.org/security/announce/2009/mfsa2009-09.html
www.mozilla.org/security/announce/2009/mfsa2009-10.html
www.mozilla.org/security/announce/2009/mfsa2009-15.html