Mozilla Firefox ESR Multiple Vulnerabilities-01 September14 (Mac OS X) Network Vulnerability

Summary

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to disclose potentially sensitive information and compromise a user's system. Impact Level: Application/System

Solution

Upgrade to Mozilla Firefox ESR version 24.8 or 31.1 or later, For updates refer http://www.mozilla.com/en-US/firefox/all.html

Insight

Multiple flaws exist due to, - A use-after-free error when setting text directionality. - An unspecified errorr.

Affected

Mozilla Firefox ESR 24.x before 24.8 and 31.x before 31.1 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://www.mozilla.org/security/announce/2014/mfsa2014-67.html
http://www.osvdb.com/110717
http://www.osvdb.com/110720
https://www.mozilla.org/security/announce/2014/mfsa2014-72.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-1562, CVE-2014-1567

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities - December12 (Mac OS X)
Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)
Adobe Acrobat Multiple Vulnerabilities - Mac OS X
Adobe AIR Multiple Vulnerabilities-01 Aug14 (Windows)

Take action and discover your vulnerabilities