Mozilla Products Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

The host is installed with Mozilla Firefox/Seamonkey and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let attackers to cause a denial of service (excessive application launches) via an HTML document with many images. Impact Level: Application

Solution

Upgrade to Firefox version 3.5.9 or 3.6.2 http://www.mozilla.com/en-US/firefox/all.html Upgrade to Seamonkey version 2.0.4 http://www.seamonkey-project.org/releases/

Insight

The flaw is caused by an error when handling an 'image' tag pointing to a resource that redirects to a 'mailto:' URL, an external mail handler application is launched.

Affected

Seamonkey version prior to 2.0.4 and Firefox version before 3.5.9, 3.6.x before 3.6.2 on Windows.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-23.html
http://www.vupen.com/english/advisories/2010/0748
http://xforce.iss.net/xforce/xfdb/57395

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0181

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
ClamAV Prior to 0.96.5 Multiple Vulnerabilities
ClamAV Remote Denial of Service Vulnerability
Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)

Mozilla Products Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities