Summary
This host is installed with Mozilla Firefox ESR
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote
attackers to bypass certain security restrictions, and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox ESR version 31.4
or later, For updates refer to https://www.mozilla.org/en-US/firefox/organizations
Insight
Multiple flaws exist due to,
- A use-after-free error when handling tracks within WebRTC.
- An error when handling a '407 Proxy Authentication' response with a 'Set-Cookie' header from a web proxy.
- Some unspecified errors.
- An error when handling a request from 'navigator.sendBeacon' API interface function.
Affected
Mozilla Firefox ESR 31.x before 31.4 on
Windows
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
- http://secunia.com/advisories/62253
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-01
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-03
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-04
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-06
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-8634, CVE-2014-8638, CVE-2014-8639, CVE-2014-8641 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities