Mozilla Products Multiple Vulnerabilities-04 January13 (Mac OS X)

  1. Network Vulnerabilities
  2. General
  3. Mozilla Products Multiple Vulnerabilities-04 January13 (Mac OS X)
Summary
This host is installed with Mozilla Firefox/Thunderbird/Seamonkey and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to inject scripts, bypass certain security restrictions, cause a denial of service or execute arbitrary code in the context of the browser. Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 18.0 or ESR version 17.0.2 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html Upgrade to SeaMonkey version to 2.15 or later, http://www.mozilla.org/projects/seamonkey/ Upgrade to Thunderbird version to 17.0.2 or ESR 17.0.2 or later, http://www.mozilla.org/en-US/thunderbird/
Insight
- An error exists within the 'nsSOCKSSocketInfo::ConnectToProxy()' when handling SSL connection threads. - An error when parsing height and width values of a canvas element. - An error within the 'Object.prototype.__proto__()' can be exploited to bypass Chrome Object Wrappers (COW). - Unspecified error in the browser engine can be exploited to corrupt memory. - An error exists due to the AutoWrapperChanger class not keeping certain objects alive during garbage collection.
Affected
SeaMonkey version before 2.15 on Mac OS X Thunderbird version before 17.0.2 on Mac OS X Mozilla Firefox version before 18.0 on Mac OS X Thunderbird ESR version 17.x before 17.0.2 on Mac OS X Mozilla Firefox ESR version 17.x before 17.0.2 on Mac OS X
References
Updated on 2015-03-25
Severity
High Severity
Classification
Related Vulnerabilities