Summary
This host is installed with Mozilla Thunderbird
and is prone to spoofing vulnerability.
Impact
Successful exploitation will allow attackers
to conduct spoofing attacks.
Impact Level: Application
Solution
Upgrade to Mozilla Thunderbird version 24.8.1
or 31.1.2 or later, For updates refer to http://www.mozilla.com/en-US/thunderbird
Insight
Flaw exists due to improper handling of
ASN.1 values while parsing RSA signature
Affected
Mozilla Thunderbird before 24.8.1 and
31.x before 31.1.2 on Windows
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1568 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Mac OS X
- Adobe AIR Multiple Vulnerabilities-01 Sep13 (Windows)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)