Mozilla Thunderbird < 31.7 Multiple Vulnerabilities (Mac OS X)

high Nessus Plugin ID 83463

Synopsis

The remote Mac OS X host contains a mail client that is affected by multiple vulnerabilities.

Description

The version of Thunderbird installed on the remote Mac OS X host is prior to 31.7. It is, therefore, affected by the following vulnerabilities :

- Multiple memory corruption issues exist within the browser engine. A remote attacker can exploit these to corrupt memory and execute arbitrary code.
(CVE-2015-2708)

- A buffer overflow condition exists in SVGTextFrame.cpp when rendering SVG graphics that are combined with certain CSS properties due to improper validation of user-supplied input. A remote attacker can exploit this to cause a heap-based buffer overflow, resulting in the execution of arbitrary code. (CVE-2015-2710)

- A use-after-free error exists due to improper processing of text when vertical text is enabled. A remote attacker can exploit this to dereference already freed memory.
(CVE-2015-2713)

- A buffer overflow condition exists in the XML_GetBuffer() function in xmlparse.c due to improper validation of user-supplied input when handling compressed XML content. An attacker can exploit this to cause a buffer overflow, resulting in the execution of arbitrary code. (CVE-2015-2716)

Solution

Upgrade to Thunderbird 31.7 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2015-46/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-48/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-51/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-54/

Plugin Details

Severity: High

ID: 83463

File Name: macosx_thunderbird_31_7.nasl

Version: 1.9

Type: local

Agent: macosx

Published: 5/14/2015

Updated: 11/22/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2015-2716

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: MacOSX/Thunderbird/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 5/12/2015

Vulnerability Publication Date: 5/12/2015

Reference Information

CVE: CVE-2015-2708, CVE-2015-2710, CVE-2015-2713, CVE-2015-2716

BID: 74611, 74615