Mozilla Products 'jsinfer.cpp' Denial Of Service Vulnerability (Mac OS X) Network Vulnerability

Summary

This host is installed with Mozilla firefox/thunderbird and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow attackers to execute arbitrary code in the context of the browser or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to Mozilla Firefox ESR version 10.0.5 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html Upgrade to Mozilla Thunderbird ESR version 10.0.5 or later, http://www.mozilla.org/en-US/thunderbird/

Insight

The 'jsinfer.cpp' function in ESR versions fails to determine data types, which allows to cause a denial of service via crafted JavaScript code.

Affected

Thunderbird ESR version 10.x before 10.0.5, Mozilla Firefox ESR version 10.x before 10.0.5 on Mac OS X

References

http://secunia.com/advisories/49366
http://secunia.com/advisories/49368
http://securitytracker.com/id/1027120
http://www.mozilla.org/security/announce/2012/mfsa2012-34.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1939

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

connect to all open ports
Check for RealServer DoS
Avast! Zoo Denial of Service Vulnerability
ClamAV Multiple Vulnerabilities (Win)
Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Win)

Mozilla Products 'jsinfer.cpp' Denial of Service Vulnerability (Mac OS X)

Take action and discover your vulnerabilities