The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2062-1 advisory.

  - An attacker could have sent a message to the parent process where the contents were used to double-index     into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript     executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox <     100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. (CVE-2022-1529)

  - If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution,     they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This     vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and     Thunderbird < 91.9.1. (CVE-2022-1802)

  - When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space     character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an     attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary     sender email address chosen by the attacker. If the sender name started with a false email address,     followed by many Braille space characters, the attacker's email address was not visible. Because     Thunderbird compared the invisible sender address with the signature's email address, if the signing key     or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This     vulnerability affects Thunderbird < 91.10. (CVE-2022-1834)

  - A malicious website could have learned the size of a cross-origin resource that supported Range requests.
    This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. (CVE-2022-31736)

  - A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a     potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox     ESR < 91.10. (CVE-2022-31737)

  - When exiting fullscreen mode, an iframe could have confused the browser about the current state of     fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects     Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. (CVE-2022-31738)

  - When downloading files on Windows, the % character was not escaped, which could have lead to a download     incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or     %APPDATA%.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This     vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. (CVE-2022-31739)

  - On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation     problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox <     101, and Firefox ESR < 91.10. (CVE-2022-31740)

  - A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and     potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and     Firefox ESR < 91.10. (CVE-2022-31741)

  - An attacker could have exploited a timing attack by sending a large number of allowCredential entries and     detecting the difference between invalid key handles and cross-origin key handles. This could have led to     cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird <     91.10, Firefox < 101, and Firefox ESR < 91.10. (CVE-2022-31742)

  - Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory     safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory     corruption and we presume that with enough effort some of these could have been exploited to run arbitrary     code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
    (CVE-2022-31747)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:2062-1)

critical Nessus Plugin ID 162207

Version 1.9

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.9 Jul 14, 2023, 5:13 AM Detection Plugin metadata Plugin Feed: 202307140513
Version 1.8 Jul 12, 2023, 5:37 PM Detection Plugin Feed: 202307121737
Version 1.7 Mar 10, 2023, 5:10 PM Logic Changes (Added support for additional SUSE Platforms) Plugin Feed: 202303101710
Version 1.6 Feb 4, 2023, 12:45 AM Logic Changes (Added missing service packs to plugin checks) Plugin Feed: 202302040045
Version 1.5 Jan 21, 2023, 5:26 AM Logic Changes (Added package checks for openSuSE) Plugin Feed: 202301210526
Version 1.4 Jan 6, 2023, 4:14 PM CVSS metrics ("CVSSv3 score" changed from "8.8" to "9.8") CVSS metrics ("CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H") CVSS temporal metrics ("CVSSv3 temporal score" set to "8.5") CVSSv2 score source (changed from "CVE-2022-1802" to "CVE-2022-31747") Plugin Feed: 202301061614
Version 1.3 Dec 30, 2022, 4:05 PM CVSS metrics ("CVSSv2 score" changed from "7.5" to "10.0") CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSSv2 score source (changed from "CVE-2022-31747" to "CVE-2022-1802") Plugin Feed: 202212301605