The host is installed with Mozilla firefox/seamonkey/thunderbird and is prone to memory corruption vulnerability.

Successful exploitation will let attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Impact Level: Application

Upgrade to Mozilla Firefox version 10.0.1 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html Upgrade to SeaMonkey version to 2.7.1 or later http://www.mozilla.org/projects/seamonkey/ Upgrade to Thunderbird version 10.0.1 or later http://www.mozilla.org/en-US/thunderbird/

The flaw is due to an error in the 'ReadPrototypeBindings()' method when handling XBL bindings in a hash table and can be exploited to cause a cycle collector to call an invalid virtual function.

SeaMonkey version prior to 2.7.1, Thunderbird version 10.x prior to 10.0.1 and Mozilla Firefox version 10.x prior to 10.0.1 on Windows

• http://secunia.com/advisories/48008/
• http://securitytracker.com/id/1026665
• http://www.mozilla.org/security/announce/2012/mfsa2012-10.html

---

Updated on 2015-03-25