Mozilla Seamonkey XSL Parsing Vulnerability (Win) Network Vulnerability

Summary

The host is installed with Mozilla Seamnkey and is prone to XSL File Parsing Vulnerability.

Impact

Successful exploitation will let the attacker cause remote code execution through a specially crafted malicious XSL file or can cause application termination at runtime. Impact Level: Application

Solution

Upgrade to Seamonkey version 1.1.16 or later. http://www.seamonkey-project.org/releases

Insight

This flaw is due to improper handling of errors encountered when transforming an XML document which can be exploited to cause memory corruption through a specially crafted XSLT code.

Affected

Mozilla Seamonkey version 1.0 to 1.1.15 on Windows.

References

http://secunia.com/advisories/34471
http://securitytracker.com/alerts/2009/Mar/1021941.html
http://www.mozilla.org/security/announce/2009/mfsa2009-12.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1169
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Firefox XSL Parsing Vulnerability (Win)
EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability
connect to all open ports
Google Chrome Multiple Denial of Service Vulnerabilities - February 11(Linux)
Apple Safari Multiple Vulnerabilities June-09 (Win) - II

Take action and discover your vulnerabilities