Mozilla Products 'jsinfer.cpp' Denial Of Service Vulnerability (Mac OS X) Network Vulnerability

Summary

This host is installed with Mozilla firefox/thunderbird and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow attackers to execute arbitrary code in the context of the browser or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to Mozilla Firefox ESR version 10.0.5 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html Upgrade to Mozilla Thunderbird ESR version 10.0.5 or later, http://www.mozilla.org/en-US/thunderbird/

Insight

The 'jsinfer.cpp' function in ESR versions fails to determine data types, which allows to cause a denial of service via crafted JavaScript code.

Affected

Thunderbird ESR version 10.x before 10.0.5, Mozilla Firefox ESR version 10.x before 10.0.5 on Mac OS X

References

http://secunia.com/advisories/49366
http://secunia.com/advisories/49368
http://securitytracker.com/id/1027120
http://www.mozilla.org/security/announce/2012/mfsa2012-34.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1939
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Avast! Zoo Denial of Service Vulnerability
Adobe Digital Edition Denial of Service Vulnerability (Mac OS X)
Allegro Software RomPager 2.10 Denial of Service
CA ARCserve Backup RPC Services Multiple Vulnerabilities (Windows)
Dnsmasq Remote Denial of Service Vulnerability

Mozilla Products 'jsinfer.cpp' Denial of Service Vulnerability (Mac OS X)

Take action and discover your vulnerabilities