This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.

Successful exploitation will allow attackers to execute arbitrary code, cause a denial of service, spoof the address bar and conduct clickjacking attacks. Impact Level: System/Application.

Upgrade to Mozilla Firefox ESR version 24.1 or later, For updates refer to http://www.mozilla.org/en-US/firefox/organizations/all.html

Multiple flaws due to, - Use-after-free vulnerability in the 'nsContentUtils::ContentIsHostIncludingDescendantOf' function. - Improper handling of the appending of an IFRAME element in 'PDF.js'. - Unspecified vulnerabilities in the browser engine. - Improper restriction of the nature or placement of HTML within a dropdown menu. - Improper determination of the thread for release of an image object.

Mozilla Firefox ESR version 24.x before 24.1 on Windows

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

• http://secunia.com/advisories/55520/
• http://www.mozilla.org/security/announce/2013/mfsa2013-99.html

---

Updated on 2017-03-28