Description:
Overview: Thunderbird is installed on the host and is prone to multiple vulnerabilities.
Vulnerability Insight:
- An error in the js/src/xpconnect/src/xpcwrappedjsclass.cpp file allows an attacker to execute arbitrary web script.
- An error when handling a non-200 response returned by a proxy in reply to a CONNECT request, which could cause the body of the response to be rendered within the context of the request 'Host:' header.
- An error when handling event listeners attached to an element whose owner document is null.
- Content-loading policies are not checked before loading external script files into XUL documents, which could be exploited to bypass restrictions.
- An error in the JavaScript engine, triggered via vectors related to js_LeaveSharpObject, ParseXMLSource, and a certain assertion in jsinterp.c.
- An error triggered via vectors involving 'double frame construction.'
Impact: Successful exploitation could result in remote arbitrary JavaScript code execution, spoofing attacks, sensitive information disclosure, and denial of service.
Impact Level: System/Application
Affected Software/OS: Thunderbird versions prior to 2.0.0.22 on Windows.
Fix: Upgrade to Firefox version 2.0.0.22 http://www.mozilla.com/en-US/thunderbird/all.html
References:
- http://www.vupen.com/english/advisories/2009/1572
- http://www.mozilla.org/security/announce/2009/mfsa2009-24.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-29.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-31.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-32.html
CVSS Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C