Summary
The host has Mozilla Firefox or Thunderbird installed and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will let remote attackers execute arbitrary code or cause a denial of service.
Impact Level: Application
Solution
Upgrade to Firefox version 3.6.18 or later
http://www.mozilla.com/en-US/firefox/all.html
Upgrade to Thunderbird version 3.1.11 or later
http://www.mozillamessaging.com/en-US/thunderbird/
Insight
Multiple flaws are due to unspecified errors in the browser engine, which allow remote attackers to cause a denial of service or possibly execute arbitrary code.
Affected
Thunderbird versions before 3.1.11.
Mozilla Firefox versions 3.6.x before 3.6.18.
References
Severity
Classification
- CVE: CVE-2011-2364, CVE-2011-2365
- CVSS Base Score: 10.0
- CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Easy RM to MP3 Converter Buffer Overflow Vulnerability
- CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
- Adobe Reader PDF Handling Denial Of Service Vulnerability (Linux)
- Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux)
- Apple iTunes Malformed .mov File Buffer Overflow Vulnerability