Mozilla Thunderbird Multiple Vulnerabilities-01 July14 (Mac OS X) Network Vulnerability

Summary

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to conduct clickjacking attacks and compromise a user's system. Impact Level: System/Application

Solution

Upgrade to Mozilla Thunderbird version 24.6 or later, For updates refer to http://www.mozilla.com/en-US/thunderbird

Insight

Multiple flaws are due to, - An error in the 'RefreshDriverTimer::TickDriver' function in the SMIL Animation Controller. - An error in the 'nsTextEditRules::CreateMozBR' function. - An Unspecified error in the browser engine. - And some unspecified errors exist.

Affected

Mozilla Thunderbird version before 24.6 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/59171
http://www.mozilla.org/security/announce/2014/mfsa2014-48.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2014-1533, CVE-2014-1538, CVE-2014-1541

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)
Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)

Take action and discover your vulnerabilities