Mozilla Firefox ESR Multiple Vulnerabilities-01 July14 (Windows) Network Vulnerability

Summary

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to compromise a user's system. Impact Level: System/Application

Solution

Upgrade to Mozilla Firefox ESR version 24.6 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html

Insight

Multiple flaws are due to, - A use-after-free error in the 'nsTextEditRules::CreateMozBR()' function. - A use-after-free error in the 'RefreshDriverTimer::TickDriver()' function within the MIL Animation Controller. - And some unspecified errors exist.

Affected

Mozilla Firefox ESR version 24.x before 24.6 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/59170
http://www.mozilla.org/security/announce/2014/mfsa2014-48.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2014-1533, CVE-2014-1538, CVE-2014-1541

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities -01 August 12 (Windows)
Adobe Acrobat Remote Code Execution Vulnerability(Win)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
Adobe Captivate Insecure Library Loading Vulnerability

Take action and discover your vulnerabilities