Summary
This host is installed with Mozilla Firefox and is prone to multiple code execution vulnerabilities.
Impact
Successful exploitation could allow attackers to gain privileges or execute arbitrary code in the context of the browser.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 17.0 later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
- Improper loading of DLL file in the default downloads directory by Firefox installer.
- An error within Style Inspector when parsing style sheets can be exploited to execute HTML and CSS code in chrome privileged context.
Affected
Mozilla Firefox version before 17.0 on Windows
References
Severity
Classification
-
CVE CVE-2012-4206, CVE-2012-4210 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)