Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.MOZILLA_THUNDERBIRD_3111.NASL
HistoryJun 21, 2011 - 12:00 a.m.

Mozilla Thunderbird 3.1 < 3.1.11 Multiple Vulnerabilities

2011-06-2100:00:00
This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
www.tenable.com
20

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%

JSON

The installed version of Thunderbird 3.1 is earlier than 3.1.11. Such versions are potentially affected by the following security issues :

  • Multiple memory safety issues can lead to application crashes and possibly remote code execution.
    (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364, CVE-2011-2365)

  • A use-after-free issue when viewing XUL documents with scripts disabled could lead to code execution.
    (CVE-2011-2373)

  • A memory corruption issue due to multipart / x-mixed-replace images could lead to memory corruption.
    (CVE-2011-2377)

  • When a JavaScript Array object has its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method is called could result in code execution due to an invalid index value being used. (CVE-2011-2371)

  • Multiple dangling pointer vulnerabilities could lead to code execution. (CVE-2011-0083, CVE-2011-2363, CVE-2011-0085)

  • An error in the way cookies are handled could lead to information disclosure. (CVE-2011-2362)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(55289);
  script_version("1.21");
  script_cvs_date("Date: 2018/07/16 14:09:15");

  script_cve_id(
    "CVE-2011-0083",
    "CVE-2011-0085",
    "CVE-2011-2362",
    "CVE-2011-2363",
    "CVE-2011-2364",
    "CVE-2011-2365",
    "CVE-2011-2371",
    "CVE-2011-2373",
    "CVE-2011-2374",
    "CVE-2011-2376",
    "CVE-2011-2377"
  );
  script_bugtraq_id(
    48357,
    48358,
    48360,
    48361,
    48365,
    48366,
    48367,
    48368,
    48369,
    48372,
    48373,
    48376
  );
  script_xref(name:"EDB-ID", value:"17974");
  script_xref(name:"EDB-ID", value:"17976");
  script_xref(name:"EDB-ID", value:"18531");
  script_xref(name:"Secunia", value:"44982");

  script_name(english:"Mozilla Thunderbird 3.1 < 3.1.11 Multiple Vulnerabilities");
  script_summary(english:"Checks version of Thunderbird");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a mail client that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The installed version of Thunderbird 3.1 is earlier than 3.1.11. 
Such versions are potentially affected by the following security
issues :

  - Multiple memory safety issues can lead to application
    crashes and possibly remote code execution.
    (CVE-2011-2374, CVE-2011-2376, CVE-2011-2364,
    CVE-2011-2365)

  - A use-after-free issue when viewing XUL documents with
    scripts disabled could lead to code execution.
    (CVE-2011-2373)

  - A memory corruption issue due to multipart / 
    x-mixed-replace images could lead to memory corruption.
    (CVE-2011-2377)

  - When a JavaScript Array object has its length set to an
    extremely large value, the iteration of array elements
    that occurs when its reduceRight method is called could
    result in code execution due to an invalid index value
    being used. (CVE-2011-2371)

  - Multiple dangling pointer vulnerabilities could lead to
    code execution. (CVE-2011-0083, CVE-2011-2363,
    CVE-2011-0085)

  - An error in the way cookies are handled could lead to
    information disclosure. (CVE-2011-2362)");

  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-23/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2011-24/");
  script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-11-223/");
  script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-11-224/");
  script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-11-225/");
  script_set_attribute(attribute:"solution", value:"Upgrade to Thunderbird 3.1.11 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Mozilla Firefox Array.reduceRight() Integer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/06/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("Mozilla/Thunderbird/Version");
  exit(0);
}

include("mozilla_version.inc");
port = get_kb_item_or_exit("SMB/transport");

installs = get_kb_list("SMB/Mozilla/Thunderbird/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird");

mozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'3.1.10', min:'3.1.11', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillathunderbirdcpe:/a:mozilla:thunderbird

References

Related

openvas 65
suse 3
nessus 42
ubuntu 6
debian 5
osv 3
redhat 4
centos 3
oraclelinux 4
securityvulns 2
mozilla 4
cve 8
prion 8
nvd 9
cvelist 9
ubuntucve 8
veracode 8
packetstorm 1
checkpoint_advisories 1
seebug 3
canvas 1
exploitpack 1
fireeye 1
openvas
openvas
Ubuntu Update for thunderbird USN-1150-1
2011-07-18 00:00:00
Ubuntu: Security Advisory (USN-1149-2)
2011-07-08 00:00:00
Ubuntu Update for firefox USN-1149-1
2011-06-24 00:00:00
suse
suse
MozillaThunderbird: Update to Thunderbird 3.1.11 (important)
2011-06-30 21:08:16
Security update for Mozilla Firefox (important)
2011-06-30 23:08:22
remote code execution in MozillaFirefox,MozillaThunderbird
2011-07-05 17:43:33
nessus
nessus
Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1149-1)
2011-06-23 00:00:00
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4800)
2014-06-13 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-4761)
2014-06-13 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2011-06-22 00:00:00
Thunderbird vulnerabilities
2011-07-15 00:00:00
Firefox regression
2011-06-29 00:00:00
debian
debian
[SECURITY] [DSA 2273-1] icedove security update
2011-07-06 18:48:11
[BSA-038] Security Update for icedove
2011-07-04 06:40:40
[SECURITY] [DSA 2269-1] iceape security update
2011-07-01 20:33:09
osv
osv
iceape - several
2011-07-01 00:00:00
iceweasel - several
2011-07-01 00:00:00
icedove - multiple issues
2011-07-06 00:00:00
redhat
redhat
(RHSA-2011:0887) Critical: thunderbird security update
2011-06-21 00:00:00
(RHSA-2011:0885) Critical: firefox security and bug fix update
2011-06-21 00:00:00
(RHSA-2011:0888) Critical: seamonkey security update
2011-06-21 00:00:00
centos
centos
thunderbird security update
2011-06-22 23:49:49
firefox, xulrunner security update
2011-06-22 23:42:39
seamonkey security update
2011-08-14 21:51:22
oraclelinux
oraclelinux
firefox security and bug fix update
2011-06-21 00:00:00
thunderbird security update
2011-06-21 00:00:00
seamonkey security update
2011-06-21 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2011-06-23 00:00:00
ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability
2011-06-23 00:00:00
mozilla
mozilla
Multiple dangling pointer vulnerabilities — Mozilla
2011-06-21 00:00:00
Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) — Mozilla
2011-06-21 00:00:00
Use-after-free vulnerability when viewing XUL document with script disabled — Mozilla
2011-06-21 00:00:00
cve
cve
CVE-2011-2365
2011-06-30 16:55:05
CVE-2011-2364
2011-06-30 16:55:05
CVE-2011-2363
2011-06-30 16:55:05
prion
prion
Memory corruption
2011-06-30 16:55:00
Memory corruption
2011-06-30 16:55:00
Memory corruption
2011-06-30 16:55:00
nvd
nvd
CVE-2011-2365
2011-06-30 16:55:05
CVE-2011-2364
2011-06-30 16:55:05
CVE-2011-2377
2011-06-30 16:55:05
cvelist
cvelist
CVE-2011-2364
2011-06-30 16:00:00
CVE-2011-2365
2011-06-30 16:00:00
CVE-2011-2363
2011-06-30 16:00:00
ubuntucve
ubuntucve
CVE-2011-2365
2011-06-24 00:00:00
CVE-2011-2364
2011-06-24 00:00:00
CVE-2011-2363
2011-06-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:58:20
Denial Of Service (DoS)
2020-04-10 00:58:23
Arbitrary Code Execution
2020-04-10 00:58:21
packetstorm
packetstorm
Mozilla Firefox 4.0.1 Integer Overflow
2012-02-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Array.reduceRight Integer Overflow (CVE-2011-2371)
2011-09-27 00:00:00
seebug
seebug
Mozilla Firefox Array.reduceRight() Integer Overflow Exploit
2011-10-13 00:00:00
Mozilla Firefox/Thunderbird内存破坏漏洞(CVE-2011-2374)
2011-06-25 00:00:00
Mozilla Firefox/Thunderbird/SeaMonkey Cookie跨域信息泄露漏洞
2011-06-25 00:00:00
canvas
canvas
Immunity Canvas: FIREFOX_ARRAY_REDUCERIGHT
2011-06-30 16:55:00
exploitpack
exploitpack
Mozilla Firefox 4.0.1 - Array.reduceRight() Remote Overflow
2012-02-27 00:00:00
fireeye
fireeye
Using EMET to Disable EMET
2016-02-23 08:00:00

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%

JSON
Related for MOZILLA_THUNDERBIRD_3111.NASL
openvas65suse3nessus42ubuntu6debian5osv3redhat4centos3oraclelinux4securityvulns2mozilla4cve8prion8nvd9cvelist9ubuntucve8veracode8packetstorm1checkpoint_advisories1seebug3canvas1exploitpack1fireeye1