Summary
The host is installed with Mozilla firefox/seamonkey and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let attackers to, attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 7.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to SeaMonkey version to 2.4 or later
http://www.mozilla.org/projects/seamonkey/
Insight
The flaws are due to
- An error while validating the return value of a GrowAtomTable function call.
- An error within WebGL's ANGLE library does not properly check for return values from the 'GrowAtomTable()' function and can be exploited to cause a buffer overflow by sending a series of requests.
- Error while restricting availability of motion data events.
Affected
SeaMonkey version prior to 2.4
Mozilla Firefox version prior to 7
References
Severity
Classification
-
CVE CVE-2011-3002, CVE-2011-3003, CVE-2011-3866 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Media Server multiple vulnerabilities
- Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Windows
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)