Mozilla Products Multiple Vulnerabilities jul-10 (Windows)

The host is installed with Mozilla Firefox/Seamonkey/Thunderbird that are prone to multiple vulnerabilities.

The flaws are due to: - A memory corruption errors in the browser engine, which allows to corrupt the memory under certain circumstances. - An integer overflow error exists when array class used to store CSS values, which allows to execute arbitrary codes. - An integer overflow error in the implementation of the XUL <tree> element's 'selection' attribute. When the size of a new selection is sufficiently large the integer used in calculating the length of the selection, which allows attacker to call into deleted memory and run arbitrary code. - Error in handling of 'CSS' selector into points A and B of a target page, data can be read across domains by injecting bogus CSS selectors into a target site and then retrieving the data using JavaScript APIs. - Cross-origin data leakage errors occurs from script filename in error messages.

Seamonkey version 2.0.x before 2.0.6 Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7 Thunderbird version 3.0.x before 3.0.6 and 3.1.x before 3.1.1

Upgrade to Firefox version 3.5.11 or 3.6.7 or later Upgrade to Seamonkey version 2.0.6 or later Upgrade to Thunderbird version 3.0.6 or 3.1.1 or later