Summary
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to disclose potentially sensitive information, bypass certain security restrictions, conduct denial-of-service attacks and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox ESR version 31.2 or later. For updates, refer to https://www.mozilla.org/en-US/firefox/organizations
Insight
Multiple flaws exist due to:
- An error in Alarm API which does not properly restrict toJSON calls.
- An error when handling video sharing within a WebRTC session running within an iframe.
- An error when handling camera recording within an iframe related to site navigation.
- A use-after-free error when handling text layout related to DirectionalityUtils.
- An out-of-bounds error within the 'get_tile' function when buffering WebM format video containing frames.
- An out-of-bounds error within 'mozilla::dom::OscillatorNodeEngine::ComputeCustom' method when interacting with custom waveforms.
- An error within the 'nsTransformedTextRun' class when handling capitalization style changes during CSS parsing.
- Other unspecified errors.
Affected
Mozilla Firefox ESR 31.x before 31.2 on Mac OS X
Detection
Get the installed version with the help of the detect NVT and check whether the version is vulnerable.
References
- http://msisac.cisecurity.org/advisories/2014/2014-088.cfm
- http://osvdb.com/113159
- http://osvdb.com/113161
- http://secunia.com/advisories/59643/
- https://www.mozilla.org/security/announce/2014/mfsa2014-76.html
- https://www.mozilla.org/security/announce/2014/mfsa2014-81.html
- https://www.mozilla.org/security/announce/2014/mfsa2014-82.html
Updated on 2017-03-28
Severity
Classification
- CVE: CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586
- CVSS Base Score: 7.5
- CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P