Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.MOZILLA_THUNDERBIRD_102.NASL
HistoryMar 23, 2005 - 12:00 a.m.

Mozilla Thunderbird < 1.0.2 Browser GIF Processing Overflow

2005-03-2300:00:00
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
www.tenable.com
15
JSON

The installed version of Thunderbird is affected by multiple vulnerabilities. A remote attacker could exploit these issues to execute arbitrary code.

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


if(description)
{
 script_id(17605);
 script_version("1.22");
 script_cvs_date("Date: 2018/07/16 14:09:15");

 script_cve_id("CVE-2005-0399");
 script_bugtraq_id(12881);

 script_name(english:"Mozilla Thunderbird < 1.0.2 Browser GIF Processing Overflow");
 script_summary(english:"Determines the version of Mozilla Thunderbird");
 
 script_set_attribute( attribute:"synopsis", value:
"The remote Windows host contains a mail client that is affected by
multiple vulnerabilities." );
 script_set_attribute( attribute:"description",  value:
"The installed version of Thunderbird is affected by multiple
vulnerabilities.  A remote attacker could exploit these issues
to execute arbitrary code." );
 script_set_attribute(
   attribute:"see_also",
   value:"https://www.mozilla.org/en-US/security/advisories/mfsa2005-17/"
 );
 script_set_attribute(
   attribute:"see_also",
   value:"https://www.mozilla.org/en-US/security/advisories/mfsa2005-18/"
 );
 script_set_attribute(
   attribute:"see_also",
   value:"https://www.mozilla.org/en-US/security/advisories/mfsa2005-21/"
 );
 script_set_attribute(
   attribute:"see_also",
   value:"https://www.mozilla.org/en-US/security/advisories/mfsa2005-25/"
 );
 script_set_attribute(
   attribute:"see_also",
   value:"https://www.mozilla.org/en-US/security/advisories/mfsa2005-30/"
 );
 script_set_attribute(
   attribute:"solution", 
   value:"Upgrade to Thunderbird 1.0.2 or later."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_publication_date", value: "2005/03/23");
 script_set_attribute(attribute:"vuln_publication_date", value: "2005/03/23");
 script_set_attribute(attribute:"patch_publication_date", value: "2005/03/23");
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_family(english:"Windows");
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_dependencies("mozilla_org_installed.nasl");
 script_require_keys("Mozilla/Thunderbird/Version");
 exit(0);
}

include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");

installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");

mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'1.0.2', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillathunderbirdcpe:/a:mozilla:thunderbird

Related

openvas 11
ubuntucve 1
cert 1
cve 1
saint 4
cvelist 1
nessus 16
mozilla 1
checkpoint_advisories 2
freebsd 1
redhat 4
gentoo 3
suse 2
ubuntu 1
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200503-31 (Firefox)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2005-0399
2005-05-02 00:00:00
cert
cert
Mozilla products vulnerable to heap overflow via specially crafted GIF file
2005-03-30 00:00:00
cve
cve
CVE-2005-0399
2005-05-02 04:00:00
saint
saint
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
cvelist
cvelist
CVE-2005-0399
2005-03-24 05:00:00
nessus
nessus
FreeBSD : mozilla -- heap buffer overflow in GIF image processing (7d2aac52-9c6b-11d9-99a7-000a95bc6fae)
2005-07-13 00:00:00
Fedora Core 3 : thunderbird-1.0.2-1.3.1 (2005-247)
2005-09-12 00:00:00
RHEL 4 : thunderbird (RHSA-2005:337)
2005-03-25 00:00:00
mozilla
mozilla
GIF heap overflow parsing Netscape extension 2 — Mozilla
2005-03-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Products Malformed GIF Buffer Overflow (CVE-2005-0399)
2015-08-31 00:00:00
Multiple Products Malformed GIF Image File Handling Buffer Overflow (CVE-2005-0243; CVE-2005-0399; CVE-2007-1071)
2005-03-26 00:00:00
freebsd
freebsd
mozilla -- heap buffer overflow in GIF image processing
2005-03-10 00:00:00
redhat
redhat
(RHSA-2005:337) thunderbird security update
2005-03-23 00:00:00
(RHSA-2005:336) firefox security update
2005-03-23 00:00:00
(RHSA-2005:323) mozilla security update
2005-03-23 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2005-03-25 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2005-03-25 00:00:00
Mozilla Suite: Multiple vulnerabilities
2005-03-25 00:00:00
suse
suse
remote code execution in MozillaThunderbird
2006-04-25 13:15:04
remote code execution in phpMyAdmin
2006-01-26 13:53:52
ubuntu
ubuntu
Ubuntu 4.10 update for Firefox vulnerabilities
2005-07-28 00:00:00
JSON
Related for MOZILLA_THUNDERBIRD_102.NASL
openvas11ubuntucve1cert1cve1saint4cvelist1nessus16mozilla1checkpoint_advisories2freebsd1redhat4gentoo3suse2ubuntu1