Mozilla Seamonkey XSL Parsing Vulnerability (Win) Network Vulnerability

Summary

The host is installed with Mozilla Seamnkey and is prone to XSL File Parsing Vulnerability.

Impact

Successful exploitation will let the attacker cause remote code execution through a specially crafted malicious XSL file or can cause application termination at runtime. Impact Level: Application

Solution

Upgrade to Seamonkey version 1.1.16 or later. http://www.seamonkey-project.org/releases

Insight

This flaw is due to improper handling of errors encountered when transforming an XML document which can be exploited to cause memory corruption through a specially crafted XSLT code.

Affected

Mozilla Seamonkey version 1.0 to 1.1.15 on Windows.

References

http://secunia.com/advisories/34471
http://securitytracker.com/alerts/2009/Mar/1021941.html
http://www.mozilla.org/security/announce/2009/mfsa2009-12.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1169

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Linux)
Adobe Flash Player for Linux SWF Processing Vulnerability
Firefox XSL Parsing Vulnerability (Linux)
ActFax LPD/LPR Server Denial of Service Vulnerability

Take action and discover your vulnerabilities