Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.MACOSX_THUNDERBIRD_31_6.NASL
HistoryApr 01, 2015 - 12:00 a.m.

Mozilla Thunderbird < 31.6 Multiple Vulnerabilities (Mac OS X)

2015-04-0100:00:00
This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
www.tenable.com
22

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.961

Percentile

99.5%

JSON

The version of Thunderbird installed on the remote Mac OS X host is prior to 31.6. It is, therefore, affected by the following vulnerabilities :

  • A privilege escalation vulnerability exists which relates to anchor navigation. A remote attacker can exploit this to bypass same-origin policy protections, allowing a possible execution of arbitrary scripts in a privileged context. (CVE-2015-0801)

  • Access to certain privileged internal methods is retained when navigating from windows created to contain privileged UI content to unprivileged pages. An attacker can exploit this to execute arbitrary JavaScript with elevated privileges. (CVE-2015-0802)

  • A cross-site request forgery (XSRF) vulnerability exists in the sendBeacon() function due to cross-origin resource sharing (CORS) requests following 30x redirections. (CVE-2015-0807)

  • Multiple memory safety issues exist within the browser engine. A remote attacker can exploit these to corrupt memory and possibly execute arbitrary code.
    (CVE-2015-0815)

  • A privilege escalation vulnerability exists related to documents loaded through a ‘resource:’ URL. An attacker can exploit this to load pages and execute JavaScript with elevated privileges. (CVE-2015-0816)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(82501);
  script_version("1.10");
  script_cvs_date("Date: 2018/07/14  1:59:36");

  script_cve_id(
    "CVE-2015-0801",
    "CVE-2015-0802",
    "CVE-2015-0807",
    "CVE-2015-0815",
    "CVE-2015-0816"
  );
  script_bugtraq_id(
    73454,
    73455,
    73457,
    73461,
    73466
  );

  script_name(english:"Mozilla Thunderbird < 31.6 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version of Thunderbird.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a mail client that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Thunderbird installed on the remote Mac OS X host is
prior to 31.6. It is, therefore, affected by the following
vulnerabilities :

  - A privilege escalation vulnerability exists which
    relates to anchor navigation. A remote attacker can
    exploit this to bypass same-origin policy protections,
    allowing a possible execution of arbitrary scripts in a
    privileged context. (CVE-2015-0801)

  - Access to certain privileged internal methods is
    retained when navigating from windows created to contain
    privileged UI content to unprivileged pages. An attacker
    can exploit this to execute arbitrary JavaScript with
    elevated privileges. (CVE-2015-0802)

  - A cross-site request forgery (XSRF) vulnerability exists
    in the sendBeacon() function due to cross-origin
    resource sharing (CORS) requests following 30x
    redirections. (CVE-2015-0807)

  - Multiple memory safety issues exist within the browser
    engine. A remote attacker can exploit these to corrupt
    memory and possibly execute arbitrary code.
    (CVE-2015-0815)

  - A privilege escalation vulnerability exists related to
    documents loaded through a 'resource:' URL. An attacker
    can exploit this to load pages and execute JavaScript
    with elevated privileges. (CVE-2015-0816)");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-30/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-33/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-37/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-40/");

  script_set_attribute(attribute:"solution", value:"Upgrade to Thunderbird 31.6 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Firefox PDF.js Privileged Javascript Injection');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/01/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/03/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");

  script_dependencies("macosx_thunderbird_installed.nasl");
  script_require_keys("MacOSX/Thunderbird/Installed");

  exit(0);
}

include("mozilla_version.inc");

kb_base = "MacOSX/Thunderbird";
get_kb_item_or_exit(kb_base+"/Installed");

version = get_kb_item_or_exit(kb_base+"/Version", exit_code:1);
path = get_kb_item_or_exit(kb_base+"/Path", exit_code:1);

if (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Thunderbird install is in the ESR branch.');

mozilla_check_version(product:'thunderbird', version:version, path:path, esr:FALSE, fix:'31.6', min:'31.0', severity:SECURITY_HOLE, xss:FALSE, xsrf:TRUE);
VendorProductVersionCPE
mozillathunderbirdcpe:/a:mozilla:thunderbird

Related

nessus 24
openvas 35
veracode 5
archlinux 2
oraclelinux 2
centos 2
debian 3
redhat 2
ubuntu 2
mageia 2
suse 5
metasploit 2
checkpoint_advisories 1
packetstorm 1
ibm 2
exploitdb 1
nvd 5
prion 5
mozilla 5
cve 5
ubuntucve 5
zdi 1
cvelist 5
zdt 1
freebsd 1
securityvulns 1
kaspersky 1
androidsecurity 1
gentoo 1
nessus
nessus
Mozilla Thunderbird < 31.6 Multiple Vulnerabilities
2015-04-01 00:00:00
Firefox ESR 31.x < 31.6 Multiple Vulnerabilities (Mac OS X)
2015-04-01 00:00:00
Firefox ESR 31.x < 31.6 Multiple Vulnerabilities
2015-04-01 00:00:00
openvas
openvas
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X
2015-04-06 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Apr 2015) - Windows
2015-04-06 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X
2015-04-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:12:58
Arbitrary Code Execution
2019-05-02 05:12:58
Cross-Site Request Forgery (CSRF)
2019-05-02 05:12:57
archlinux
archlinux
thunderbird: multiple issues
2015-04-04 00:00:00
firefox: multiple issues
2015-04-01 00:00:00
oraclelinux
oraclelinux
firefox security update
2015-04-01 00:00:00
thunderbird security update
2015-04-01 00:00:00
centos
centos
firefox, xulrunner security update
2015-03-31 23:44:15
thunderbird security update
2015-04-01 14:33:26
debian
debian
[SECURITY] [DSA 3211-1] iceweasel security update
2015-04-01 16:10:19
[SECURITY] [DSA 3211-1] iceweasel security update
2015-04-01 16:10:19
[SECURITY] [DSA 3212-1] icedove security update
2015-04-02 20:35:14
redhat
redhat
(RHSA-2015:0771) Important: thunderbird security update
2015-04-01 00:00:00
(RHSA-2015:0766) Critical: firefox security update
2015-03-31 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-04-02 00:00:00
Firefox vulnerabilities
2015-04-01 00:00:00
mageia
mageia
Updated firefox & thunderbird packages fix security vulnerabilities
2015-04-03 16:11:23
Updated iceape packages fix security vulnerabilities
2015-09-08 10:20:40
suse
suse
Security update for MozillaFirefox (important)
2015-04-10 17:04:55
Security update for MozillaFirefox (important)
2015-04-10 18:04:46
Update to Firefox 31.7.0esr (important)
2015-05-18 13:04:51
metasploit
metasploit
Firefox PDF.js Privileged Javascript Injection
2015-08-16 01:02:00
Firefox Proxy Prototype Privileged Javascript Injection
2015-03-23 18:44:41
checkpoint_advisories
checkpoint_advisories
Firefox PDF.js Javascript Injection (CVE-2015-0802; CVE-2015-0816)
2017-08-29 00:00:00
packetstorm
packetstorm
Firefox PDF.js Privileged Javascript Injection
2015-08-23 00:00:00
ibm
ibm
Security Bulletin: Open Source Mozilla Firefox vulnerability in IBM SONAS (CVE-2015-0801, CVE-2015-0807, CVE-2015-0813, CVE-2015-0815, CVE-2015-0816,CVE-2015-0817, CVE-2015-0818, CVE-2015-2708, CVE-2015-2709)
2018-06-18 00:09:30
Security Bulletin: Open Source Mozilla Firefox vulnerability in IBM Storwize V7000 Unified (CVE-2015-0801, CVE-2015-0807, CVE-2015-0813, CVE-2015-0815, CVE-2015-0816,CVE-2015-0817, CVE-2015-0818, CVE-2015-2708, CVE-2015-2709)
2018-06-18 00:09:39
exploitdb
exploitdb
Mozilla Firefox - &#039;pdf.js&#039; Privileged JavaScript Injection (Metasploit)
2015-08-24 00:00:00
nvd
nvd
CVE-2015-0816
2015-04-01 10:59:14
CVE-2015-0815
2015-04-01 10:59:13
CVE-2015-0802
2015-04-01 10:59:03
prion
prion
Design/Logic Flaw
2015-04-01 10:59:00
Memory corruption
2015-04-01 10:59:00
Information disclosure
2015-04-01 10:59:00
mozilla
mozilla
resource:// documents can load privileged pages — Mozilla
2015-03-31 00:00:00
CORS requests should not follow 30x redirections after preflight — Mozilla
2015-03-31 00:00:00
Windows can retain access to privileged content on navigation to unprivileged pages — Mozilla
2015-03-31 00:00:00
cve
cve
CVE-2015-0816
2015-04-01 10:59:14
CVE-2015-0815
2015-04-01 10:59:13
CVE-2015-0802
2015-04-01 10:59:03
ubuntucve
ubuntucve
CVE-2015-0816
2015-04-01 00:00:00
CVE-2015-0815
2015-04-01 00:00:00
CVE-2015-0802
2015-04-01 00:00:00
zdi
zdi
(Pwn2Own) Mozilla Firefox resource: URL Remote Code Execution Vulnerability
2015-04-03 00:00:00
cvelist
cvelist
CVE-2015-0816
2015-04-01 10:00:00
CVE-2015-0815
2015-04-01 10:00:00
CVE-2015-0802
2015-04-01 10:00:00
zdt
zdt
Firefox PDF.js Privileged Javascript Injection Exploit
2015-08-23 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-03-31 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-04-08 00:00:00
kaspersky
kaspersky
KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird
2015-03-31 00:00:00
androidsecurity
androidsecurity
Nexus Security Bulletin - February 2016
2016-02-01 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-12-30 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.961

Percentile

99.5%

JSON
Related for MACOSX_THUNDERBIRD_31_6.NASL
nessus24openvas35veracode5archlinux2oraclelinux2centos2debian3redhat2ubuntu2mageia2suse5metasploit2checkpoint_advisories1packetstorm1ibm2exploitdb1nvd5prion5mozilla5cve5ubuntucve5zdi1cvelist5zdt1freebsd1securityvulns1kaspersky1androidsecurity1gentoo1