The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple unspecified vulnerabilities.

Successful exploitation will allow attackers to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts will result in a denial-of-service condition. Impact Level: System/Application

Upgrade to Mozilla Firefox version 3.6.20 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html Upgrade to SeaMonkey version to 2.3 or later http://www.mozilla.org/projects/seamonkey/ Upgrade to Thunderbird version to 3.1.12 or later http://www.mozilla.org/en-US/thunderbird/

The flaws are due to - Unspecified errors in the browser engine in mozilla products. - Improperly handling of the 'RegExp.input' property, which allows remote attackers to bypass the same origin policy and read data from a different domain via a crafted web site.

Mozilla Firefox version before 3.6.20 SeaMonkey version 1.x and 2.0 through 2.2 Thunderbird version 2.x and 3.0 through 3.1.11

• http://secunia.com/advisories/45666/
• http://support.avaya.com/css/P8/documents/100146973
• http://www.mozilla.org/security/announce/2011/mfsa2011-30.html

---

Updated on 2015-03-25