Summary
This host is installed with Mozilla
Thunderbird and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers
to disclose potentially sensitive information and compromise a user's system.
Impact Level: Application/System
Solution
Upgrade to Mozilla Thunderbird version
31.1 or later, For updates refer http://www.mozilla.com/en-US/thunderbird
Insight
Multiple flaws exist due to,
- An out-of-bounds read error when creating an audio timeline in Web Audio.
- An error when decoding GIF images.
- A use-after-free error during cycle collection when animating SVG content.
- Some other unspecified errors.
Affected
Mozilla Thunderbird 31.x before 31.1 on Windows
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
- http://secunia.com/advisories/59236
- http://www.mozilla.org/security/announce/2014/mfsa2014-67.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-68.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-69.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-70.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-1553, CVE-2014-1563, CVE-2014-1564, CVE-2014-1565 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
- Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)
- Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Windows)