Posts Tagged ‘vulnerabilities in Mozilla Thunderbird’

Firefox logo

Multiple vulnerabilities

Vulnerability: Multiple vulnerabilities in Mozilla Firefox and Mozilla Thunderbird

Danger: High
Patch: Yes
Number of vulnerabilities: 19

Vector of operation: Remote
Impact:

– Cross Site Scripting;
– Security Bypass;
– System compromise.

Affected products: Mozilla Firefox 16.x, Mozilla Thunderbird 16.x

Affected versions: Mozilla Firefox versions prior to 17.0, Mozilla Thunderbird versions prior to 17.0

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

1. An unspecified error. This can be exploited to corrupt memory and execute arbitrary code on the target system.

2. An error in the function of image :: RasterImage :: DrawFrameTo () when processing GIF images. This can be exploited to cause a buffer overflow on the target system.

3. An error in the function evalInSandbox () when processing properties location.href. This can be exploited to bypass certain security restrictions and the system read a local file. (more…)