Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.MOZILLA_THUNDERBIRD_20022.NASL
HistoryJun 23, 2009 - 12:00 a.m.

Mozilla Thunderbird < 2.0.0.22 Multiple Vulnerabilities

2009-06-2300:00:00
This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
JSON

The installed version of Thunderbird is earlier than 2.0.0.22. Such versions are potentially affected by the following security issues :

  • Multiple memory corruption vulnerabilities could potentially be exploited to execute arbitrary code provided JavaScript is enabled in mail. (MFSA 2009-14)

  • When an Adobe Flash file is loaded via the ‘view-source:’ scheme, the Flash plugin misinterprets the origin of the content as localhost. An attacker can leverage this to launch cross-site request forgery attacks. It is also possible to exploit this to place cookie-like objects on victim’s computers.
    (MFSA 2009-17)

  • Multiple memory corruption vulnerabilities could potentially be exploited to execute arbitrary code.
    (MFSA 2009-24)

  • It may be possible to tamper with SSL data via non-200 responses to proxy CONNECT requests. (MFSA 2009-27)

  • If the owner document of an element becomes null after garbage collection, then it may be possible to execute the event listeners within the wrong JavaScript context.
    An attacker can potentially exploit this vulnerability to execute arbitrary JavaScript with chrome privileges, provided JavaScript is enabled in mail. (MFSA 2009-29)

  • It may be possible for scripts from page content to run with elevated privileges. Thunderbird installs are not affected by default, however if an add-on is installed that implements functionality similar to sidebar or BrowserFeedWriter, and also enables JavaScript then the install could be vulnerable.
    (MFSA 2009-32)

  • It may be possible to crash Thunderbird while viewing a ‘multipart/alternative’ mail message with a ‘text/enhanced’ part. (MFSA 2009-33)

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if (description)
{
  script_id(39493);
  script_version("1.22");
  script_cvs_date("Date: 2018/08/22 16:49:14");

  script_cve_id(
    "CVE-2009-1302", 
    "CVE-2009-1303",
    "CVE-2009-1304", 
    "CVE-2009-1305",
    "CVE-2009-1307", 
    "CVE-2009-1392", 
    "CVE-2009-1832", 
    "CVE-2009-1833",
    "CVE-2009-1836", 
    "CVE-2009-1838", 
    "CVE-2009-1841", 
    "CVE-2009-2210"
  );
  script_bugtraq_id(35370, 35371, 35372, 35373, 35380, 35383, 35461);
  script_xref(name:"Secunia", value:"35440");

  script_name(english:"Mozilla Thunderbird < 2.0.0.22 Multiple Vulnerabilities");
  script_summary(english:"Checks version of Thunderbird");
 
  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a mail client that is affected by
multiple vulnerabilities." );

  script_set_attribute(attribute:"description", value:
"The installed version of Thunderbird is earlier than 2.0.0.22.  Such
versions are potentially affected by the following security issues :

  - Multiple memory corruption vulnerabilities could
    potentially be exploited to execute arbitrary code
    provided JavaScript is enabled in mail. 
    (MFSA 2009-14)

  - When an Adobe Flash file is loaded via the
    'view-source:' scheme, the Flash plugin misinterprets
    the origin of the content as localhost. An attacker can
    leverage this to launch cross-site request forgery
    attacks. It is also possible to exploit this to place
    cookie-like objects on victim's computers.
    (MFSA 2009-17)

  - Multiple memory corruption vulnerabilities could
    potentially be exploited to execute arbitrary code.
    (MFSA 2009-24)

  - It may be possible to tamper with SSL data via non-200
    responses to proxy CONNECT requests. (MFSA 2009-27)

  - If the owner document of an element becomes null after
    garbage collection, then it may be possible to execute
    the event listeners within the wrong JavaScript context.
    An attacker can potentially exploit this vulnerability
    to execute arbitrary JavaScript with chrome privileges,
    provided JavaScript is enabled in mail. (MFSA 2009-29)

  - It may be possible for scripts from page content to
    run with elevated privileges. Thunderbird installs are
    not affected by default, however if an add-on is 
    installed that implements functionality similar to 
    sidebar or BrowserFeedWriter, and also enables
    JavaScript then the install could be vulnerable.
    (MFSA 2009-32)

  - It may be possible to crash Thunderbird while viewing a
    'multipart/alternative' mail message with a 
    'text/enhanced' part. (MFSA 2009-33)" );

  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-14/" );
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-17/" );
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-24/" );
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-27/" );
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-29/" );
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-32/" );
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2009-33/" );
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Thunderbird 2.0.0.22 or later." );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(16, 20, 94, 287, 399);

  script_set_attribute(attribute:"plugin_publication_date", value: "2009/06/23");
  script_set_attribute(attribute:"patch_publication_date", value: "2009/04/21");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
  script_end_attributes();
 
  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");
 
  script_copyright(english:"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
 
  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Thunderbird/Version");

  exit(0);
}

include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");

installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");

mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'2.0.0.22', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillathunderbirdcpe:/a:mozilla:thunderbird

References

Related

openvas 85
nessus 47
oraclelinux 3
redhat 4
centos 3
ubuntu 2
securityvulns 3
mozilla 2
fedora 41
suse 1
freebsd 2
osv 3
debian 3
openvas
openvas
Slackware Advisory SSA:2009-178-01 mozilla-thunderbird
2012-09-11 00:00:00
Slackware Advisory SSA:2009-178-01 mozilla-thunderbird
2012-09-11 00:00:00
Mandrake Security Advisory MDVSA-2009:141 (mozilla-thunderbird)
2009-06-30 00:00:00
nessus
nessus
Slackware 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / current : mozilla-thunderbird (SSA:2009-178-01)
2009-06-28 00:00:00
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-6347)
2009-10-06 00:00:00
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1091)
2009-07-21 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2009-06-25 00:00:00
seamonkey security update
2009-06-12 00:00:00
firefox security update
2009-06-12 00:00:00
redhat
redhat
(RHSA-2009:1125) Moderate: thunderbird security update
2009-06-25 00:00:00
(RHSA-2009:1126) Moderate: thunderbird security update
2009-06-25 00:00:00
(RHSA-2009:1096) Critical: seamonkey security update
2009-06-11 00:00:00
centos
centos
thunderbird security update
2009-06-26 14:08:25
seamonkey security update
2009-06-12 21:25:45
firefox, xulrunner security update
2009-06-19 11:07:44
ubuntu
ubuntu
Thunderbird vulnerabilities
2009-06-25 00:00:00
Firefox and Xulrunner vulnerabilities
2009-06-12 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-14
2009-04-23 00:00:00
Mozilla Foundation Security Advisory 2009-24
2009-06-14 00:00:00
Mozilla Firefox multiple security vulnerabilities
2009-06-14 00:00:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.9.0.9) — Mozilla
2009-04-21 00:00:00
Crashes with evidence of memory corruption (rv:1.9.0.11) — Mozilla
2009-06-11 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: seamonkey-1.1.17-1.fc11
2009-07-16 07:11:14
[SECURITY] Fedora 10 Update: seamonkey-1.1.17-1.fc10
2009-07-16 06:57:32
[SECURITY] Fedora 10 Update: epiphany-extensions-2.24.3-2.fc10
2009-06-16 02:20:19
suse
suse
remote code execution in MozillaFirefox
2009-06-16 16:38:22
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-06-11 00:00:00
mozilla -- multiple vulnerabilities
2009-04-21 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-06-18 00:00:00
icedove - several vulnerabilities
2009-07-12 00:00:00
xulrunner - several vulnerabilities
2009-05-09 00:00:00
debian
debian
[SECURITY] [DSA 1820-1] New xulrunner packages fix several vulnerabilities
2009-06-18 14:13:03
[SECURITY] [DSA 1830-1] New icedove packages fix several vulnerabilities
2009-07-12 11:21:02
[SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities
2009-05-09 13:00:16
JSON
Related for MOZILLA_THUNDERBIRD_20022.NASL
openvas85nessus47oraclelinux3redhat4centos3ubuntu2securityvulns3mozilla2fedora41suse1freebsd2osv3debian3