Mozilla Products Buffer Overflow Vulnerability March-11 (Windows) Network Vulnerability

Summary

The host is installed with Mozilla Firefox/Seamonkey/Thunderbird that are prone to buffer overflow vulnerability.

Impact

Successful exploitation will let attackers to cause a denial of service or possibly execute arbitrary code via JPEG image. Impact Level: Application

Solution

Upgrade to Firefox version 3.6.14 or later http://www.mozilla.com/en-US/firefox/all.html Upgrade to Seamonkey version 2.0.12 or later http://www.seamonkey-project.org/releases/ Upgrade to Thunderbird version 3.1.8 or later http://www.mozillamessaging.com/en-US/thunderbird/

Insight

Buffer overflow error exists when handling crafted JPEG image, which allows remote attackers to execute arbitrary code.

Affected

Seamonkey version before 2.0.12 Thunderbird version before 3.1.8 Firefox version 3.6.x before 3.6.14

References

http://www.mozilla.org/security/announce/2011/mfsa2011-09.html
http://www.vupen.com/english/advisories/2011/0531

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0061

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Windows)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)
Adobe Air Multiple Vulnerabilities - November12 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)

Take action and discover your vulnerabilities