ID de Prueba:	1.3.6.1.4.1.25623.1.0.804139
Categoría:	General
Título:	Mozilla Thunderbird Multiple Vulnerabilities-01 Nov13 (Mac OS X)
Resumen:	This host is installed with Mozilla Thunderbird and is prone to multiple;vulnerabilities.
Descripción:	Summary: This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws due to: - Use-after-free vulnerability in the 'nsContentUtils::ContentIsHostIncludingDescendantOf' function. - Improper data initialization in the 'txXPathNodeUtils::getBaseURI' function. - An error in 'Worker::SetEventListener' function in the Web workers implementation. - Use-after-free vulnerability in the 'nsEventListenerManager::SetEventHandler' function. - Use-after-free vulnerability in 'nsIOService::NewChannelFromURIWithProxyFlags' function. - Use-after-free vulnerability in the 'nsIPresShell::GetPresContext' function. - Use-after-free vulnerability in 'nsDocLoader::doStopDocumentLoad' function. - Multiple unspecified vulnerabilities in the browser engine. - Improper restriction of the nature or placement of HTML within dropdown menu. - Improper memory allocation for unspecified functions by JavaScript engine. - Improper determination of the thread for release of an image object. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code, cause a denial of service, spoof the address bar, conduct clickjacking attacks and conduct buffer overflow attacks. Affected Software/OS: Mozilla Thunderbird before version 24.1 on Mac OS X Solution: Upgrade to Mozilla Thunderbird version 24.1 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5603 https://security.gentoo.org/glsa/201504-01 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19302 SuSE Security Announcement: openSUSE-SU-2013:1633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html SuSE Security Announcement: openSUSE-SU-2013:1634 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2013-5604 Debian Security Information: DSA-2788 (Google Search) http://www.debian.org/security/2013/dsa-2788 Debian Security Information: DSA-2797 (Google Search) http://www.debian.org/security/2013/dsa-2797 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19091 RedHat Security Advisories: RHSA-2013:1476 http://rhn.redhat.com/errata/RHSA-2013-1476.html RedHat Security Advisories: RHSA-2013:1480 http://rhn.redhat.com/errata/RHSA-2013-1480.html SuSE Security Announcement: SUSE-SU-2013:1678 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00014.html Common Vulnerability Exposure (CVE) ID: CVE-2013-5602 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19293 Common Vulnerability Exposure (CVE) ID: CVE-2013-5601 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18495 Common Vulnerability Exposure (CVE) ID: CVE-2013-5600 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19172 Common Vulnerability Exposure (CVE) ID: CVE-2013-5599 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19315 Common Vulnerability Exposure (CVE) ID: CVE-2013-5597 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19277 Common Vulnerability Exposure (CVE) ID: CVE-2013-5591 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19015 Common Vulnerability Exposure (CVE) ID: CVE-2013-5590 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19001 Common Vulnerability Exposure (CVE) ID: CVE-2013-5593 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19263 Common Vulnerability Exposure (CVE) ID: CVE-2013-5595 BugTraq ID: 63421 http://www.securityfocus.com/bid/63421 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18694 Common Vulnerability Exposure (CVE) ID: CVE-2013-5596 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19066
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.