Mozilla Thunderbird 3.1.x Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 801371

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Versions of Thunderbird 3.1.x earlier than 3.1.18 are potentially affected by the following security issues :

- A use-after-free error exists related to removed nsDOMAttribute child nodes. (CVE-2011-3659)

- The IPv6 literal syntax in web addresses is not being properly enforced. (CVE-2011-3670)

- Various memory safety issues exist. (CVE-2012-0442)

- Memory corruption errors exist related to the decoding of Ogg Vorbis files and processing of malformed XSLT stylesheets. (CVE-2012-0444, CVE-2012-0449)

Solution

Upgrade to Thunderbird 3.1.18 or later.

See Also

http://.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.18

http://.mozilla.org/security/announce/2012/mfsa2012-01.html

http://.mozilla.org/security/announce/2012/mfsa2012-02.html

http://.mozilla.org/security/announce/2012/mfsa2012-04.html

http://.mozilla.org/security/announce/2012/mfsa2012-07.html

http://.mozilla.org/security/announce/2012/mfsa2012-08.html

Plugin Details

Severity: High

ID: 801371

Family: Web Clients

Published: 2/7/2012

Nessus ID: 57771, 57776

Vulnerability Information

Patch Publication Date: 1/31/2012

Vulnerability Publication Date: 1/31/2012

Exploitable With

Metasploit (Firefox 8/9 AttributeChildRemoved() Use-After-Free)

Reference Information

CVE: CVE-2011-3659, CVE-2011-3670, CVE-2012-0442, CVE-2012-0444, CVE-2012-0449

BID: 51753, 51754, 51755, 51756, 51786