Lucene search
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.MOZILLA_THUNDERBIRD_1509.NASLHistoryDec 20, 2006 - 12:00 a.m.
Mozilla Thunderbird < 1.5.0.9 Multiple Vulnerabilities
2006-12-2000:00:00
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
www.tenable.com
17
The remote version of Mozilla Thunderbird suffers from various security issues, at least one of which could lead to execution of arbitrary code on the affected host.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(23929);
script_version("1.20");
script_cve_id("CVE-2006-6497", "CVE-2006-6498", "CVE-2006-6499", "CVE-2006-6500",
"CVE-2006-6501", "CVE-2006-6502", "CVE-2006-6503", "CVE-2006-6504",
"CVE-2006-6505");
script_bugtraq_id(21668);
script_name(english:"Mozilla Thunderbird < 1.5.0.9 Multiple Vulnerabilities");
script_summary(english:"Checks version of Mozilla Thunderbird");
script_set_attribute( attribute:"synopsis", value:
"The remote Windows host contains a mail client that is affected by
multiple vulnerabilities." );
script_set_attribute( attribute:"description", value:
"The remote version of Mozilla Thunderbird suffers from various
security issues, at least one of which could lead to execution of
arbitrary code on the affected host." );
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-68/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-69/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-70/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-71/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-72/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-73/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-74/"
);
script_set_attribute(
attribute:"solution",
value:"Upgrade to Mozilla Thunderbird 1.5.0.9 or later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(94);
script_set_attribute(attribute:"plugin_publication_date", value: "2006/12/20");
script_set_attribute(attribute:"vuln_publication_date", value: "2006/12/19");
script_cvs_date("Date: 2018/07/16 14:09:15");
script_set_attribute(attribute:"patch_publication_date", value: "2006/11/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("Mozilla/Thunderbird/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");
installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");
mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'1.5.0.9', severity:SECURITY_HOLE);| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | thunderbird | cpe:/a:mozilla:thunderbird |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6497
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6498
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6499
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6500
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6501
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6502
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6503
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6504
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6505
www.mozilla.org/en-US/security/advisories/mfsa2006-68/
www.mozilla.org/en-US/security/advisories/mfsa2006-69/
www.mozilla.org/en-US/security/advisories/mfsa2006-70/
www.mozilla.org/en-US/security/advisories/mfsa2006-71/
www.mozilla.org/en-US/security/advisories/mfsa2006-72/
www.mozilla.org/en-US/security/advisories/mfsa2006-73/
www.mozilla.org/en-US/security/advisories/mfsa2006-74/
Related
openvas
openvas
Gentoo Security Advisory GLSA 200701-04 (seamonkey)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200701-04 (seamonkey)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-398-4)
2009-03-23 00:00:00
nessus
nessus
SeaMonkey < 1.0.7 Multiple Vulnerabilities
2006-12-20 00:00:00
GLSA-200701-04 : SeaMonkey: Multiple vulnerabilities
2007-01-11 00:00:00
Ubuntu 5.10 / 6.06 LTS : firefox vulnerabilities (USN-398-2)
2007-11-10 00:00:00
gentoo
gentoo
SeaMonkey: Multiple vulnerabilities
2007-01-10 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2007-01-04 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2007-01-04 00:00:00
redhat
redhat
(RHSA-2006:0760) Critical: thunderbird security update
2006-12-19 00:00:00
(RHSA-2006:0759) Critical: seamonkey security update
2006-12-19 00:00:00
(RHSA-2006:0758) Critical: firefox security update
2006-12-19 00:00:00
centos
centos
seamonkey security update
2006-12-20 05:41:20
thunderbird security update
2006-12-23 11:43:30
devhelp, seamonkey security update
2006-12-20 15:44:06
ubuntu
ubuntu
Firefox regression
2007-01-27 00:00:00
Firefox vulnerabilities
2007-01-03 00:00:00
Thunderbird vulnerabilities
2007-01-05 00:00:00
osv
osv
debian
debian
oraclelinux
oraclelinux
Critical thunderbird security update
2006-12-20 00:00:00
Critical seamonkey security update
2006-12-20 00:00:00
Critical firefox security update
2006-12-20 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: thunderbird-1.5.0.9-2.fc5
2007-01-02 20:23:31
[SECURITY] Fedora Core 5 Update: firefox-1.5.0.9-1.fc5
2006-12-22 20:21:55
[SECURITY] Fedora Core 6 Update: firefox-1.5.0.9-1.fc5
2006-12-21 22:02:27
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird
2006-12-29 15:41:46
remote denial of service in mozilla
2007-01-12 14:08:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1) — Mozilla
2006-12-19 00:00:00
Privilege escalation using watch point — Mozilla
2006-12-19 00:00:00
CSS cursor image buffer overflow (Windows only) — Mozilla
2006-12-19 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2006-68
2006-12-20 00:00:00
Mozilla Foundation Security Advisory 2006-69
2006-12-20 00:00:00
Mozilla Foundation Security Advisory 2006-70
2006-12-20 00:00:00
ubuntucve
ubuntucve
cve
cve
cert
cert
Mozilla denial of service vulnerability
2007-01-09 00:00:00
Mozilla products vulnerable to heap overflow via miscalculated size during conversion of an image
2007-01-18 00:00:00
Mozilla JavaScript Engine multiple memory corruption vulnerabilities
2007-01-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:12:22
Denial Of Service (DoS)
2020-04-10 00:12:21
Denial Of Service (DoS)
2020-04-10 00:12:22
debiancve
debiancve
zdi
zdi
Mozilla Firefox SVG Processing Remote Code Execution Vulnerability
2006-12-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Related for MOZILLA_THUNDERBIRD_1509.NASL