The host is installed with Mozilla Firefox before 3.6.25 or Thunderbird before 3.1.17 and is prone to multiple information disclosure vulnerabilities. The flaws are present in the applications, which fail to handle a crafted .jar files. Successful exploitation could allow remote attackers to execute arbitrary code.