Release date: 2011-12-20
Updated on: 2011-12-21
Affected Systems:
Mozilla Firefox 8.0.1
Mozilla Firefox 8.0.
Mozilla Firefox 7.x
Mozilla Firefox 5.x
Mozilla Firefox 4.x
Mozilla Firefox 3.x
Mozilla Thunderbird 3.x
Mozilla SeaMonkey 2.x
Unaffected system:
Mozilla Firefox 9.0.
Mozilla Thunderbird 9.0
Mozilla SeaMonkey 2.6
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51137
Cve id: CVE-2011-3664
Firefox is a very popular open-source WEB browser. Thunderbird is a mail client that supports IMAP, POP protocol, and HTML format. SeaMonkey is an open-source Web browser, mail and newsgroup client, IRC session client, and HTML editor.
Mozilla Firefox/Thunderbird/SeaMonkey has the DoS vulnerability when the plug-in calls its DOM frame. Attackers can exploit this vulnerability to cause DoS and execute arbitrary code.
<* Source: Mariusz Mlynsky
Richard Bateman
Link: http://secunia.com/advisories/47302/
Http://www.mozilla.org/security/announce/2011/mfsa2011-57.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Mozilla
-------
Mozilla has released a Security Bulletin (mfsa2011-57) and patches for this:
Mfsa2011-57: Mozilla Foundation Security Advisory 2011-57
Link: http://www.mozilla.org/security/announce/2011/mfsa2011-57.html