Summary
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox ESR version 24.6 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws are due to,
- A use-after-free error in the 'nsTextEditRules::CreateMozBR()' function.
- A use-after-free error in the 'RefreshDriverTimer::TickDriver()' function within the MIL Animation Controller.
- And some unspecified errors exist.
Affected
Mozilla Firefox ESR version 24.x before 24.6 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1533, CVE-2014-1538, CVE-2014-1541 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
- Adobe Air Multiple Vulnerabilities - December12 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Windows)