Summary
The host is installed with Mozilla firefox/thunderbird and is prone to privilege escalation vulnerability.
Impact
Successful exploitation will let attackers to gain privileges via a crafted web site.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 8.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to Thunderbird version to 8.0 or later
http://www.mozilla.org/en-US/thunderbird/
Insight
The flaw is due to, performing access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.
Affected
Thunderbird version 5.0 through 7.0
Mozilla Firefox version 4.x through 7.0
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-3655 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities