Summary
This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to remote code execution vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code in the context of the browser.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 9.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to SeaMonkey version to 2.6 or later,
http://www.mozilla.org/projects/seamonkey/
Upgrade to Thunderbird version to 9.0 or later,
http://www.mozilla.org/en-US/thunderbird/
Insight
A use-after-free error exists in 'nsHTMLSelectElement' when the parent node of the element is no longer active.
Affected
SeaMonkey version before 2.6,
Thunderbird version 5.0 through 8.0,
Mozilla Firefox version 4.x through 8.0 on Mac OS X.
References
Severity
Classification
-
CVE CVE-2011-3671 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Dreamweaver Insecure Library Loading Vulnerability
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)