The host is installed with Mozilla Firefox before 3.6.20 or Thunderbird 3.x before 3.1.12 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly select the context for script to run. Successful exploitation could allow attackers to bypass security.