| VID |
28656 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Mozilla Thunderbird which is older than 1.0.2 is detected as installed on the host. Mozilla Thunderbird is an open-source based e-mail client, developed by the Mozilla project. Mozilla Thunderbird versions prior to 1.0.2 are vulnerable to a heap-based buffer overflow. This vulnerability exists in the GIF image processing library used by Mozilla Firefox, Mozilla Browser, and Mozilla Thunderbird Mail client. An attacker could exploit this vulnerability by hosting a malicious page containing a specially-crafted GIF image on a Web site or by sending it within an HTML email. Successful exploitation would allow a remote attacker to cause a heap overflow in the Thunderbird process and execute arbitrary code on the affected host.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://xforce.iss.net/xforce/alerts/id/191
http://www.ciac.org/ciac/bulletins/p-160.shtml
http://www.mozilla.org/security/announce/mfsa2005-30.html
* Platforms Affected:
The Mozilla Organization, Thunderbird versions prior to 1.0.2
Microsoft Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Thunderbird (1.0.2 or later), available from the Mozilla Thunderbird Download Web page at http://www.mozilla.org/products/thunderbird/ |
| Related URL |
CVE-2005-0399 (CVE) |
| Related URL |
12881 (SecurityFocus) |
| Related URL |
19269 (ISS) |
|
