The host is installed with Mozilla Firefox/Seamonkey/Thunderbird is prone to multiple vulnerabilities.

Successful exploitation will let attackers to execute arbitrary code on the system or cause the browser to crash. Impact Level: Application

Upgrade to Firefox version 3.0.19, 3.5.9, 3.6.2 http://www.mozilla.com/en-US/firefox/all.html Upgrade to Seamonkey version 2.0.4 http://www.seamonkey-project.org/releases/

The flaws are due to: - A dangling pointer flaw in the 'nsPluginArray window.navigator.plugins object' when user loads specially crafted HTML which allows to execute arbitrary code via unknown vectors. - An error in loading a specially crafted applet, that converts a user mouse click into a 'drag-and-drop' action which allows to load a privileged 'chrome:' URL and execute arbitrary scripting code with privileges.

Seamonkey version prior to 2.0.4 and Firefox version 3.0.x before 3.0.19, 3.5.x before 3.5.9, 3.6.x before 3.6.2

• http://securitytracker.com/alerts/2010/Mar/1023776.html
• http://www.vupen.com/english/advisories/2010/0748
• http://xforce.iss.net/xforce/xfdb/57393

---

Updated on 2015-03-25