Summary
This host is installed with Mozilla Thunderbird
and is prone to spoofing vulnerability.
Impact
Successful exploitation will allow attackers
to conduct spoofing attacks.
Impact Level: Application
Solution
Upgrade to Mozilla Thunderbird version 24.8.1
or 31.1.2 or later, For updates refer to http://www.mozilla.com/en-US/thunderbird
Insight
Flaw exists due to improper handling of
ASN.1 values while parsing RSA signature
Affected
Mozilla Thunderbird before 24.8.1 and
31.x before 31.1.2 on Macosx
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1568 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)
- Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)