Mozilla Thunderbird Multiple Vulnerabilities-01 July14 (Windows) Network Vulnerability

Summary

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to conduct clickjacking attacks and compromise a user's system. Impact Level: System/Application

Solution

Upgrade to Mozilla Thunderbird version 24.6 or later, For updates refer to http://www.mozilla.com/en-US/thunderbird

Insight

Multiple flaws are due to, - An error in the 'RefreshDriverTimer::TickDriver' function in the SMIL Animation Controller. - An error in the 'nsTextEditRules::CreateMozBR' function. - An Unspecified error in the browser engine. - And some unspecified errors exist.

Affected

Mozilla Thunderbird version before 24.6 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/59171
http://www.mozilla.org/security/announce/2014/mfsa2014-48.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2014-1533, CVE-2014-1538, CVE-2014-1541

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)
Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)

Take action and discover your vulnerabilities