Mozilla Seamonkey Integer Overflow Vulnerability-01 Nov13 (Mac OS X) Network Vulnerability

Summary

This host is installed with Mozilla Seamonkey and is prone to integer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Impact Level: Application

Solution

Upgrade to Mozilla Seamonkey version 2.22.1 or later, For updates refer to http://www.mozilla.org/projects/seamonkey

Insight

The flaw is due to integer overflow in the 'PL_ArenaAllocate' function in Mozilla Netscape Portable Runtime (NSPR).

Affected

Mozilla Seamonkey version before 2.22.1 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://archives.neohapsis.com/archives/bugtraq/current/0105.html
http://secunia.com/advisories/55732
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5607

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Media Server multiple vulnerabilities
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)

Take action and discover your vulnerabilities