Lucene search
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.MOZILLA_THUNDERBIRD_1505.NASLHistoryJul 27, 2006 - 12:00 a.m.
Mozilla Thunderbird < 1.5.0.5 Multiple Vulnerabilities
2006-07-2700:00:00
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
www.tenable.com
8
The remote version of Mozilla Thunderbird suffers from various security issues, at least one of which may lead to execution of arbitrary code on the affected host subject to the user’s privileges.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(22096);
script_version("1.22");
script_cvs_date("Date: 2018/07/16 14:09:15");
script_cve_id(
"CVE-2006-3113",
"CVE-2006-3801",
"CVE-2006-3802",
"CVE-2006-3803",
"CVE-2006-3804",
"CVE-2006-3805",
"CVE-2006-3806",
"CVE-2006-3807",
"CVE-2006-3809",
"CVE-2006-3810",
"CVE-2006-3811"
);
script_bugtraq_id(19181, 19197);
script_xref(name:"CERT", value:"655892");
script_name(english:"Mozilla Thunderbird < 1.5.0.5 Multiple Vulnerabilities");
script_summary(english:"Checks version of Mozilla Thunderbird");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a mail client that is affected by
multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote version of Mozilla Thunderbird suffers from various
security issues, at least one of which may lead to execution of
arbitrary code on the affected host subject to the user's privileges.");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-44/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-46/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-47/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-48/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-49/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-50/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-51/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-53/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-54/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-55/");
script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Thunderbird 1.5.0.5 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/27");
script_set_attribute(attribute:"vuln_publication_date", value:"2006/07/25");
script_set_attribute(attribute:"patch_publication_date", value:"2006/07/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("Mozilla/Thunderbird/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");
installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");
mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'1.5.0.5', severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | thunderbird | cpe:/a:mozilla:thunderbird |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3809
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3811
www.mozilla.org/en-US/security/advisories/mfsa2006-44/
www.mozilla.org/en-US/security/advisories/mfsa2006-46/
www.mozilla.org/en-US/security/advisories/mfsa2006-47/
www.mozilla.org/en-US/security/advisories/mfsa2006-48/
www.mozilla.org/en-US/security/advisories/mfsa2006-49/
www.mozilla.org/en-US/security/advisories/mfsa2006-50/
www.mozilla.org/en-US/security/advisories/mfsa2006-51/
www.mozilla.org/en-US/security/advisories/mfsa2006-53/
www.mozilla.org/en-US/security/advisories/mfsa2006-54/
www.mozilla.org/en-US/security/advisories/mfsa2006-55/
Related
nessus
nessus
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1924)
2007-10-17 00:00:00
GLSA-200608-04 : Mozilla Thunderbird: Multiple vulnerabilities
2006-08-04 00:00:00
SuSE 10 Security Update : Firefox (ZYPP Patch Number 1960)
2007-12-13 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200608-04 (Thunderbird)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200608-04 (Thunderbird)
2008-09-24 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple vulnerabilities
2006-08-03 00:00:00
Mozilla SeaMonkey: Multiple vulnerabilities
2006-08-03 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2006-08-03 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2006-07-29 00:00:00
firefox vulnerabilities
2006-07-28 00:00:00
Thunderbird vulnerabilities
2006-09-22 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-07-25 00:00:00
redhat
redhat
(RHSA-2006:0608) seamonkey security update
2006-07-27 00:00:00
(RHSA-2006:0611) thunderbird security update
2006-07-28 00:00:00
(RHSA-2006:0609) seamonkey security update
2006-08-02 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2006-08-16 15:11:18
centos
centos
seamonkey security update
2006-08-04 20:56:41
thunderbird security update
2006-07-29 11:51:27
devhelp, seamonkey security update
2006-08-05 15:16:05
securityvulns
securityvulns
osv
osv
mozilla-firefox - several vulnerabilities
2006-08-29 00:00:00
mozilla - several
2006-08-29 00:00:00
mozilla-thunderbird - several
2006-08-28 00:00:00
debian
debian
oraclelinux
oraclelinux
Critical thunderbird security update
2006-12-07 00:00:00
Critical firefox security update
2006-12-07 00:00:00
mozilla
mozilla
JavaScript engine vulnerabilities — Mozilla
2006-07-25 00:00:00
Code execution through deleted frame reference — Mozilla
2006-07-25 00:00:00
Heap buffer overwrite on malformed VCard — Mozilla
2006-07-25 00:00:00
cve
cve
cert
cert
Mozilla products fail to properly handle frame references
2006-07-27 00:00:00
Mozilla products contain a race condition
2006-07-27 00:00:00
Mozilla products VCard attachment buffer overflow
2006-07-27 00:00:00
ubuntucve
ubuntucve
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox New Function Garbage Collection Code Execution - Ver2 (CVE-2006-3803)
2014-01-07 00:00:00
Mozilla Firefox Javascript Deleted Frame Reference Code Execution - Ver2 (CVE-2006-3801)
2014-03-03 00:00:00
Mozilla Firefox Javascript Engine Code Execution - Ver2 (CVE-2006-3806)
2014-12-28 00:00:00
debiancve
debiancve
prion
prion
Design/Logic Flaw
2007-04-02 22:19:00
Related for MOZILLA_THUNDERBIRD_1505.NASL