Summary
The host is installed with Mozilla firefox/thunderbird and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let attackers to cause denial of service and execute arbitrary code via unspecified vectors.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 8.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to Thunderbird version to 8.0 or later
http://www.mozilla.org/en-US/thunderbird/
Insight
The flaws are due to
- unspecified erros in the browser engine.
- Direct2D (aka D2D) API is used in conjunction with the Azure graphics back-end on windows.
Affected
Thunderbird version 7.0
Mozilla Firefox version 7.0
References
Severity
Classification
-
CVE CVE-2011-3649, CVE-2011-3651 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)
- Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
- Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Mac OS X