Summary
The host is installed with Mozilla firefox/thunderbird and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let attackers to cause a denial of service and execute arbitrary code via unspecified vectors.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 8.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to Thunderbird version to 8.0 or later
http://www.mozilla.org/en-US/thunderbird/
Insight
The flaws are due to
- Error in browser engine, which fails to properly handle links from SVG mpath elements to non-SVG elements.
- Error in browser engine, which fails to properly allocate memory.
- Not properly interacting with the GPU memory behavior of a certain driver for Intel integrated GPUs.
Affected
Thunderbird version prior to 8.0
Mozilla Firefox version prior to 8.0
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-3652, CVE-2011-3653, CVE-2011-3654 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities