Summary
This host is installed with Mozilla Thunderbird
and is prone to spoofing vulnerability.
Impact
Successful exploitation will allow attackers
to conduct spoofing attacks.
Impact Level: Application
Solution
Upgrade to Mozilla Thunderbird version 24.8.1
or 31.1.2 or later, For updates refer to http://www.mozilla.com/en-US/thunderbird
Insight
Flaw exists due to improper handling of
ASN.1 values while parsing RSA signature
Affected
Mozilla Thunderbird before 24.8.1 and
31.x before 31.1.2 on Macosx
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1568 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)