Mozilla Products Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

The host is installed with Mozilla Firefox/Seamonkey and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let attackers to cause a denial of service (excessive application launches) via an HTML document with many images. Impact Level: Application

Solution

Upgrade to Firefox version 3.5.9 or 3.6.2 http://www.mozilla.com/en-US/firefox/all.html Upgrade to Seamonkey version 2.0.4 http://www.seamonkey-project.org/releases/

Insight

The flaw is caused by an error when handling an 'image' tag pointing to a resource that redirects to a 'mailto:' URL, an external mail handler application is launched.

Affected

Seamonkey version prior to 2.0.4 and Firefox version before 3.5.9, 3.6.x before 3.6.2 on Windows.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-23.html
http://www.vupen.com/english/advisories/2010/0748
http://xforce.iss.net/xforce/xfdb/57395

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0181
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Avahi Denial of Service Vulnerability
DB2 DOS
CUPS Empty UDP Datagram DoS Vulnerability
Compaq Web SSI DoS
F-PROT Antivirus Multiple Vulnerabilities

Mozilla Products Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities