Summary
The host is installed with Mozilla Firefox/Seamonkey/Thunderbird and is prone to Denial of Servcie vulnerability.
Impact
Successful exploitation will let attackers to execute arbitrary code on the system or cause the browser to crash.
Impact Level: Application
Solution
Upgrade to Firefox version 3.0.19 or 3.5.9
http://www.mozilla.com/en-US/firefox/all.html
Upgrade to Seamonkey version 2.0.4
http://www.seamonkey-project.org/releases/
Upgrade to Thunderbird version 3.0.4
http://www.mozillamessaging.com/en-US/thunderbird/
Insight
The flaw is due to an error in the 'nsTreeSelection' implementation, that allows to execute arbitrary code or application crash via unspecified vectors that trigger a call to a certain event handler.
Affected
Seamonkey version prior to 2.0.4
Thunderbird version proior to 3.0.4
Firefox version before 3.0.19 and 3.5.x before 3.5.9
References
Severity
Classification
-
CVE CVE-2010-0175 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe Acrobat Unspecified vulnerability
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)