Summary
This host is installed with Mozilla Firefox
and is prone to information disclosure vulnerability.
Impact
Successful exploitation will allow remote
attackers to gain access to usernames or single-sign-on tokens.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 34.0
or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Flaw exists due to an error when handling
Content Security Policy (CSP) violation reports triggered by a redirect.
Affected
Mozilla Firefox version 33.0 on Mac OS X
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1591 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
- Apache Tomcat XML External Entity Information Disclosure Vulnerability
- Apache Tomcat Multiple Vulnerabilities - 03 Mar14
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
- Adobe Products Unspecified Cross-Site Scripting Vulnerability June-2011 (Windows)