Summary
This host is installed with Mozilla Firefox/Thunderbird/Seamonkey and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to cause a denial of service or execute arbitrary code in the context of the browser.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 18.0 or ESR version 17.0.1 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to SeaMonkey version to 2.15 or later,
http://www.mozilla.org/projects/seamonkey/
Upgrade to Thunderbird version to 17.0.2 or ESR version 17.0.1 or later, http://www.mozilla.org/en-US/thunderbird/
Insight
- Use-after-free errors exists within the
'mozilla::TrackUnionStream::EndTrack' implementation and Mesa when resizing a WebGL canvas.
- Unspecified error in the browser engine can be exploited to corrupt memory.
- An error within the 'gfxTextRun::ShrinkToLigatureBoundaries()' function.
Affected
SeaMonkey version before 2.15 on Mac OS X
Thunderbird version before 17.0.2 on Mac OS X
Mozilla Firefox version before 18.0 on Mac OS X
Thunderbird ESR version 17.x before 17.0.1 on Mac OS X Mozilla Firefox ESR version 17.x before 17.0.1 on Mac OS X
References
- http://secunia.com/advisories/51752/
- http://securitytracker.com/id?1027955
- http://securitytracker.com/id?1027957
- http://securitytracker.com/id?1027958
- http://www.mozilla.org/security/announce/2013/mfsa2013-01.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-02.html
- http://www.osvdb.org/89004
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-0749, CVE-2013-0761, CVE-2013-0763, CVE-2013-0771 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
- Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
- Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Mac OS X)