Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310803908
HistoryJul 17, 2013 - 12:00 a.m.

Mozilla Thunderbird Multiple Vulnerabilities (Aug 2012) - Mac OS X

2013-07-1700:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
56

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.4

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON

Mozilla Thunderbird is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.803908");
  script_version("2024-02-08T14:36:53+0000");
  script_cve_id("CVE-2012-3980");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-08 14:36:53 +0000 (Thu, 08 Feb 2024)");
  script_tag(name:"creation_date", value:"2013-07-17 12:58:15 +0530 (Wed, 17 Jul 2013)");
  script_name("Mozilla Thunderbird Multiple Vulnerabilities (Aug 2012) - Mac OS X");
  script_xref(name:"URL", value:"http://secunia.com/advisories/50088");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/55249");
  script_xref(name:"URL", value:"http://securitytracker.com/id/1027450");
  script_xref(name:"URL", value:"http://securitytracker.com/id/1027451");
  script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2012/mfsa2012-67.html");
  script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2012/mfsa2012-72.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("General");
  script_dependencies("gb_mozilla_prdts_detect_macosx.nasl");
  script_mandatory_keys("Thunderbird/MacOSX/Version");
  script_tag(name:"impact", value:"Successful exploitation could allow attackers to inject scripts, bypass
  certain security restrictions, execute arbitrary code in the context of the
  browser.");
  script_tag(name:"affected", value:"Mozilla Thunderbird version before 15.0 on Mac OS X");
  script_tag(name:"insight", value:"- An error in the installer will launch incorrect executable following new
    installation via a crafted executable file in a root directory.

  - An error in the web console can be exploited to inject arbitrary code that
    will be executed with chrome privileges.");
  script_tag(name:"solution", value:"Upgrade to Mozilla Thunderbird version 15.0 or later.");
  script_tag(name:"summary", value:"Mozilla Thunderbird is prone to multiple vulnerabilities.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

vers = get_kb_item("Thunderbird/MacOSX/Version");
if(vers) {
  if(version_is_less(version:vers, test_version:"15.0"))
  {
    report = report_fixed_ver(installed_version:vers, fixed_version:"15.0");
    security_message(port: 0, data: report);
    exit(0);
  }
}

Related

ubuntucve 1
openvas 50
mozilla 1
cvelist 1
prion 1
cve 1
nvd 1
nessus 33
oraclelinux 2
redhat 2
veracode 19
centos 2
ubuntu 4
suse 5
securityvulns 1
freebsd 1
ibm 2
gentoo 1
osv 2
ubuntucve
ubuntucve
CVE-2012-3980
2012-08-29 00:00:00
openvas
openvas
Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Mac OS X)
2013-07-17 00:00:00
Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2012) - Mac OS X
2013-07-17 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities - August12 (Mac OS X)
2013-07-17 00:00:00
mozilla
mozilla
Web console eval capable of executing chrome-privileged code — Mozilla
2012-08-28 00:00:00
cvelist
cvelist
CVE-2012-3980
2012-08-29 10:00:00
prion
prion
Code injection
2012-08-29 10:56:00
cve
cve
CVE-2012-3980
2012-08-29 10:56:41
nvd
nvd
CVE-2012-3980
2012-08-29 10:56:41
nessus
nessus
Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities (Mac OS X)
2012-08-29 00:00:00
RHEL 5 / 6 : thunderbird (RHSA-2012:1211)
2012-08-29 00:00:00
CentOS 5 / 6 : thunderbird (CESA-2012:1211)
2012-08-30 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2012-08-29 00:00:00
firefox security update
2012-08-29 00:00:00
redhat
redhat
(RHSA-2012:1211) Critical: thunderbird security update
2012-08-29 00:00:00
(RHSA-2012:1210) Critical: firefox security update
2012-08-29 00:00:00
veracode
veracode
Memory Corruption
2019-05-02 04:42:51
Arbitrary Code Execution
2019-05-02 04:42:52
Memory Corruption
2019-05-02 04:42:55
centos
centos
thunderbird security update
2012-08-29 12:53:01
firefox, xulrunner security update
2012-08-29 12:43:30
ubuntu
ubuntu
Thunderbird regressions
2012-09-28 00:00:00
Thunderbird vulnerabilities
2012-08-30 00:00:00
Firefox vulnerabilities
2012-08-29 00:00:00
suse
suse
MozillaFirefox: Update to version 15 (critical)
2012-08-30 12:09:32
MozillaFirefox: Update to version 15 (critical)
2012-08-30 12:09:15
Security update for Mozilla Firefox (important)
2012-09-13 01:08:39
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-09-18 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-08-28 00:00:00
ibm
ibm
Security Bulletin: Storwize V7000 Unified V1.4.1.0 Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities
2022-09-26 04:23:14
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
osv
osv
MozillaThunderbird-45.5.1-1.1 on GA media
2024-06-15 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.4

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON
Related for OPENVAS:1361412562310803908
ubuntucve1openvas50mozilla1cvelist1prion1cve1nvd1nessus33oraclelinux2redhat2veracode19centos2ubuntu4suse5securityvulns1freebsd1ibm2gentoo1osv2