Summary
The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to code execution vulnerability.
Impact
Successful exploitation will let attackers to execute arbitrary code in the context of the user running the affected application.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 7 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Upgrade to SeaMonkey version to 2.4 or later
http://www.mozilla.org/projects/seamonkey/
Upgrade to Thunderbird version to 7.0 or later
http://www.mozilla.org/en-US/thunderbird/
Insight
The flaw is due to an unspecified error within the YARR regular expression library can be exploited to corrupt memory.
Affected
SeaMonkey version prior to 2.4
Thunderbird version prior to 7.0
Mozilla Firefox version prior to 7
References
Severity
Classification
-
CVE CVE-2011-3232 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)