Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to bypass certain security restrictions and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox ESR version 24.3 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws are due to,
- An error when handling XML Binding Language (XBL) content scopes.
- An error when handling discarded images within the 'RasterImage' class.
- A use-after-free error related to certain content types when used with the 'imgRequestProxy()' function.
- An error when handling web workers error messages.
- A race condition error when handling session tickets within libssl.
- An error when handling JavaScript native getters on window objects.
Affected
Mozilla Firefox ESR version 24.x before 24.3 on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1477, CVE-2014-1479, CVE-2014-1481, CVE-2014-1482, CVE-2014-1486, CVE-2014-1487, CVE-2014-1490, CVE-2014-1491 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities