| VID |
28924 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Thunderbird installed on the remote Windows host is prior to 78.10.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-19 advisory.
- The Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service.
* References:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-19/
* Platforms Affected:
Mozilla Foundation, Thunderbird versions prior to 78.10.1
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Thunderbird (78.10.1 or later), available from the Mozilla Web site at http://www.mozilla.com/thunderbird/ |
| Related URL |
CVE-2021-29951 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
