Summary
The host is installed with Thundebird/Seamonkey and is prone to Information Disclosure vulnerability.
Impact
Successful exploitation will let the attackers obtain the network location of the applications user by logging DNS requests.
Impact Level: Application
Solution
Apply the patch or Upgrade to Mozilla Necko version 1.9.1 http://www.mozilla.com/en-US/products/
https://bug492196.bugzilla.mozilla.org/attachment.cgi?id=377824
*****
NOTE: Ignore this warning, if above mentioned patch is already applied.
*****
Insight
The flaw exists while DNS prefetching, when the app type is 'APP_TYPE_MAIL' or 'APP_TYPE_EDITOR'
Affected
Mozilla Thunderbird version 3.0.1 and
Seamonkey with Mozilla Necko version 1.9.0 and prior on Linux.
References
Severity
Classification
-
CVE CVE-2009-4629 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities