Release date: 2011-12-20
Updated on: 2011-12-21
Affected Systems:
Mozilla Firefox 3.6.x
Mozilla Thunderbird 3.1.x
Unaffected system:
Mozilla Firefox 3.6.25
Mozilla Thunderbird 3.1.17
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51139
Cve id: CVE-2011-3666
Firefox is a very popular open-source WEB browser. Thunderbird is a mail client that supports IMAP, POP protocol, and HTML format. SeaMonkey is an open-source Web browser, mail and newsgroup client, IRC session client, and HTML editor.
Mozilla Firefox and Thunderbird have a remote code execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary code, which may cause DoS attacks.
<* Source: Mariusz Mlynsky
Link: http://www.mozilla.org/security/announce/2011/mfsa2011-59.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Mozilla
-------
Mozilla has released a Security Bulletin (mfsa2011-59) and patches for this:
Mfsa2011-59: Mozilla Foundation Security Advisory 2011-59
Link: http://www.mozilla.org/security/announce/2011/mfsa2011-59.html