Lucene search
Copyright (C) 2013 Greenbone AGOPENVAS:1361412562310803908HistoryJul 17, 2013 - 12:00 a.m.
Mozilla Thunderbird Multiple Vulnerabilities (Aug 2012) - Mac OS X
2013-07-1700:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
50
9.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.7%
Mozilla Thunderbird is prone to multiple vulnerabilities.
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.803908");
script_version("2024-02-08T14:36:53+0000");
script_cve_id("CVE-2012-3980");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-02-08 14:36:53 +0000 (Thu, 08 Feb 2024)");
script_tag(name:"creation_date", value:"2013-07-17 12:58:15 +0530 (Wed, 17 Jul 2013)");
script_name("Mozilla Thunderbird Multiple Vulnerabilities (Aug 2012) - Mac OS X");
script_xref(name:"URL", value:"http://secunia.com/advisories/50088");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/55249");
script_xref(name:"URL", value:"http://securitytracker.com/id/1027450");
script_xref(name:"URL", value:"http://securitytracker.com/id/1027451");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2012/mfsa2012-67.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2012/mfsa2012-72.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("General");
script_dependencies("gb_mozilla_prdts_detect_macosx.nasl");
script_mandatory_keys("Thunderbird/MacOSX/Version");
script_tag(name:"impact", value:"Successful exploitation could allow attackers to inject scripts, bypass
certain security restrictions, execute arbitrary code in the context of the
browser.");
script_tag(name:"affected", value:"Mozilla Thunderbird version before 15.0 on Mac OS X");
script_tag(name:"insight", value:"- An error in the installer will launch incorrect executable following new
installation via a crafted executable file in a root directory.
- An error in the web console can be exploited to inject arbitrary code that
will be executed with chrome privileges.");
script_tag(name:"solution", value:"Upgrade to Mozilla Thunderbird version 15.0 or later.");
script_tag(name:"summary", value:"Mozilla Thunderbird is prone to multiple vulnerabilities.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
vers = get_kb_item("Thunderbird/MacOSX/Version");
if(vers) {
if(version_is_less(version:vers, test_version:"15.0"))
{
report = report_fixed_ver(installed_version:vers, fixed_version:"15.0");
security_message(port: 0, data: report);
exit(0);
}
}
Related
openvas
openvas
Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Mac OS X)
2013-07-17 00:00:00
Mozilla Firefox Multiple Vulnerabilities - August12 (Mac OS X)
2012-08-30 00:00:00
Mozilla Thunderbird ESR Multiple Vulnerabilities - August12 (Mac OS X)
2013-07-17 00:00:00
ubuntucve
ubuntucve
CVE-2012-3980
2012-08-29 00:00:00
prion
prion
Code injection
2012-08-29 10:56:00
cve
cve
CVE-2012-3980
2012-08-29 10:56:00
mozilla
mozilla
Web console eval capable of executing chrome-privileged code — Mozilla
2012-08-28 00:00:00
nessus
nessus
Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities (Mac OS X)
2012-08-29 00:00:00
CentOS 5 / 6 : thunderbird (CESA-2012:1211)
2012-08-30 00:00:00
Mozilla Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities
2012-08-29 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-08-29 00:00:00
firefox security update
2012-08-29 00:00:00
centos
centos
thunderbird security update
2012-08-29 12:53:01
firefox, xulrunner security update
2012-08-29 12:43:30
redhat
redhat
(RHSA-2012:1211) Critical: thunderbird security update
2012-08-29 00:00:00
(RHSA-2012:1210) Critical: firefox security update
2012-08-29 00:00:00
veracode
veracode
Memory Corruption
2019-05-02 04:42:55
Arbitrary Code Execution
2019-05-02 04:42:52
Memory Corruption
2019-05-02 04:42:51
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-08-30 00:00:00
Thunderbird regressions
2012-09-28 00:00:00
Firefox regression
2012-09-11 00:00:00
suse
suse
MozillaFirefox: Update to version 15 (critical)
2012-08-30 12:09:15
MozillaFirefox: Update to version 15 (critical)
2012-08-30 12:09:32
Security update for Mozilla Firefox (important)
2012-09-14 02:08:30
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-08-28 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-09-18 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
9.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.7%
Related for OPENVAS:1361412562310803908