Mozilla Seamonkey Integer Overflow Vulnerability-01 Nov13 (Windows) Network Vulnerability

Summary

This host is installed with Mozilla Seamonkey and is prone to integer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Impact Level: Application

Solution

Upgrade to Mozilla Seamonkey version 2.22.1 or later, For updates refer to http://www.mozilla.org/projects/seamonkey

Insight

The flaw is due to integer overflow in the 'PL_ArenaAllocate' function in Mozilla Netscape Portable Runtime (NSPR).

Affected

Mozilla Seamonkey version before 2.22.1 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://archives.neohapsis.com/archives/bugtraq/current/0105.html
http://secunia.com/advisories/55732
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5607

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)

Take action and discover your vulnerabilities