Summary
The host has Mozilla Firefox, SeaMonkey or Thunderbird installed and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let remote attackers execute arbitrary code or cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to Firefox version 3.6.18, 5.0 or later
http://www.mozilla.com/en-US/firefox/all.html
Upgrade to SeaMonkey version 2.2 or later
http://www.seamonkey-project.org/releases/
Upgrade to Thunderbird version 3.1.11 or later
http://www.mozillamessaging.com/en-US/thunderbird/
Insight
- An integer overflow error in the 'Array.reduceRight' method allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
- A use-after-free error exists when handling XUL documents.
- An error when processing images with the 'multipart/x-mixed-replace' MIME type can be exploited to corrupt memory.
Affected
Thunderbird versions before 3.1.11.
SeaMonkey versions 2.0.14 and prior.
Mozilla Firefox versions before 3.6.18 and 4.x through 4.0.1.
References
Severity
Classification
CVE: CVE-2011-2371, CVE-2011-2373, CVE-2011-2377
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C