Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Win) Network Vulnerability

Summary

The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities.

Impact

Successful exploitation could result in Information Disclosure, XSS, Script Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or can cause denial of service attacks. Impact Level: System/Application

Solution

Upgrade to Thunderbird version 2.0.0.22 http://www.mozillamessaging.com/en-US/thunderbird/all.html

Insight

For more information about vulnerabilities on Thunderbird, go through the links mentioned in references.

Affected

Thunderbird version prior to 2.0.0.22 on Windows.

References

http://secunia.com/advisories/34780
http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
http://www.mozilla.org/security/announce/2009/mfsa2009-16.html
http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
http://www.mozilla.org/security/announce/2009/mfsa2009-18.html
http://www.mozilla.org/security/announce/2009/mfsa2009-19.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
Apache Tomcat NIO Connector Denial of Service Vulnerability
Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities
Apache Rave User Information Disclosure Vulnerability
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability

Take action and discover your vulnerabilities