Summary
The host is installed with Mozilla Firefox browser and is prone to denial of service vulnerability.
Impact
Successful remote exploitation could result in denying the service.
Impact Level: Application
Solution
Upgrade to Firefox version 3.6.3 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Null pointer dereferencing error occurs in the broswer which fails to validate the user input data when designMode module is enabled. These can be exploited via replaceChild or removeChild call, followed by a queryCommandValue, queryCommandState or queryCommandIndeterm call.
Affected
Firefox version 3.x to 3.0.5 on Windows.
References
Severity
Classification
-
CVE CVE-2009-0071 -
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Mac OS X)
- Cisco VPN Client for Windows 'StartServiceCtrlDispatche' Local Denial of Service Vulnerability
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Mac OS X)
- Hummingbird Connectivity FTP service XCWD Overflow
- Wireshark IKE Packet Denial of Service Vulnerability (Win)